095ba5eb674323d761ca2387c6a8473c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

095ba5eb674323d761ca2387c6a8473c_JaffaCakes118
Size

204KB
MD5

095ba5eb674323d761ca2387c6a8473c
SHA1

508ccd842c67b154ed05c593b288873a4853e441
SHA256

1fe869efd3feea799cb0b458ef9f4eeb4b56d2838dc7480ede42b7a8c3ab45f4
SHA512

e93dfc6c61b228cddc4595e0814092066df3951291ef19fefc3200a4c2464b4b53b8f245e4bce492044e940fff3dced381d5caad5df1a0731f0cedbd8549d260
SSDEEP

3072:iOqMqgjrx4tmfL8P3csqjVYFWb/WiXJKXd14DmlIqWsvg4aTCWYcCXRjzK:iOb/rx58fJF0WMQXAyl+ug4a6cCXRq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
095ba5eb674323d761ca2387c6a8473c_JaffaCakes118

Files

095ba5eb674323d761ca2387c6a8473c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ebd5b4d505164bff4b4269561a9fae32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\ozoCXZVqUsakO\LFCUpOWffs\byhSDyafbqfN\hqVszZihaxG.pdb

Imports

shlwapi

StrToIntA

user32

CreateDialogIndirectParamW
RedrawWindow
InsertMenuW
LoadImageA
FillRect
GetClipCursor
RegisterWindowMessageW
GetScrollPos
DrawTextExW
SendDlgItemMessageA
SetWindowLongW
GetKeyboardType
WaitForInputIdle
SystemParametersInfoW
GetSystemMenu
HiliteMenuItem
EnableMenuItem
InvalidateRgn
GetClientRect
SetSysColors
VkKeyScanW
FrameRect
GetWindowTextLengthW
SendMessageA
InSendMessage
PostQuitMessage
CheckMenuRadioItem
mouse_event
WaitMessage
GetMessageTime
MonitorFromRect
CloseDesktop
GetWindowLongW
DestroyIcon
GetKeyboardLayoutList
LoadIconA
GetShellWindow
DispatchMessageA
GetSystemMetrics
DrawFocusRect
ModifyMenuW
AppendMenuW
GetMenuItemID
EnableScrollBar
SetLastErrorEx
GetDoubleClickTime
LookupIconIdFromDirectory
MessageBoxExA
SetMenuDefaultItem
MapVirtualKeyExW
CharUpperW
CopyRect
CreateDialogParamW
LoadMenuW
DragObject
wvsprintfA
MapVirtualKeyA
SwitchToThisWindow
GetPropW
EndDialog
SetUserObjectInformationW
GetMenuCheckMarkDimensions
SetDlgItemTextW
DrawAnimatedRects
AllowSetForegroundWindow
GetNextDlgGroupItem
RegisterHotKey
DrawTextW
GetMenuItemRect
IsWindow
GetClassInfoA
GetAltTabInfoA
RegisterClassExA
AppendMenuA
GetCursorPos
IsWindowVisible
CharUpperA
ShowCursor
PostMessageW
LoadCursorA
PeekMessageA
GetDlgItemInt
KillTimer
MessageBoxA
TrackPopupMenu
OpenIcon
CharPrevA
EnumWindows
AttachThreadInput
DrawStateA
IsRectEmpty
CheckDlgButton
DrawStateW
IsCharLowerA
GetMenuItemCount
GetWindowPlacement
SetParent
TranslateMessage
SendMessageTimeoutW
GetCaretPos
ToUnicodeEx
GetUpdateRgn
LoadAcceleratorsW
TileWindows
DialogBoxParamW
DialogBoxParamA
SetActiveWindow
OemToCharBuffA
GetActiveWindow
GetSysColorBrush
SetMenu
CreateMenu
TranslateAcceleratorA
InsertMenuItemW
ShowCaret
GetDlgItemTextW
ShowWindowAsync
DialogBoxIndirectParamA

kernel32

RemoveDirectoryA
WaitForMultipleObjectsEx
GetOverlappedResult
GetModuleFileNameA
SystemTimeToFileTime
GetCompressedFileSizeW
VirtualAlloc
MulDiv
FindResourceExW
GetTempPathA
EnumResourceNamesW
FindResourceA
EnumResourceLanguagesA
TransactNamedPipe
GetFileInformationByHandle
lstrcpynW
LocalFree
TlsSetValue
GetProcessHeap
GetThreadContext
SetHandleInformation
CancelWaitableTimer
GetCommandLineA
RemoveDirectoryW
GetModuleHandleW
VerifyVersionInfoW
LocalAlloc
CreateWaitableTimerW
GlobalUnlock
TerminateThread
GetVersion
DeleteFileA
GetCommState
SetCurrentDirectoryA
VirtualQuery
GetTempFileNameA
LoadLibraryExA
SetSystemTimeAdjustment
GetComputerNameW
lstrcatA
CreateSemaphoreA
WinExec
RegisterWaitForSingleObject
SetWaitableTimer
GetVersionExW
GetCommTimeouts
GetBinaryTypeA
HeapAlloc
TryEnterCriticalSection
GetProcAddress
GetSystemWindowsDirectoryW
LockResource
GlobalFlags
HeapFree
CreateRemoteThread
SetLastError
SetSystemTime
EnumSystemLocalesA
IsValidLocale

msvcrt

free
calloc
strerror
putchar
iswdigit
fflush
wcscpy
_controlfp
fread
__set_app_type
time
isprint
strtol
__p__fmode
setlocale
rand
puts
__p__commode
_amsg_exit
iswprint
setvbuf
_initterm
_ismbblead
fputc
wcscmp
fwrite
vsprintf
strcoll
strncpy
strspn
iswspace
isxdigit
_XcptFilter
_exit
_cexit
__setusermatherr
isalnum
__getmainargs
fseek
towupper
getenv
gets
perror
swprintf
wcslen
memset
strncmp
bsearch

comctl32

ImageList_Read
PropertySheetA
ImageList_GetIconSize
ImageList_GetIcon
ImageList_ReplaceIcon
CreateStatusWindowW

Exports

Exports

?SetDrawMaterialOOpsw@@YGK_KHE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebd5b4d505164bff4b4269561a9fae32

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

kernel32

msvcrt

comctl32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 21KB - Virtual size: 205KB

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 21KB - Virtual size: 205KB

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 1KB - Virtual size: 1KB