0f0783958005bcba7031bd80053bcbc4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f0783958005bcba7031bd80053bcbc4_JaffaCakes118
Size

748KB
MD5

0f0783958005bcba7031bd80053bcbc4
SHA1

c9904849d67733daf1d7c57dc1f0d1f7c374e155
SHA256

65ffd68d55f955cc80cd77c5762627906b6fe3b1a36fd69ee7e4de6a027e75dd
SHA512

27ac2dd1d95c95b0acf41567d65bde710b91de4b2b148c41f2db998d165cdf7efc6e905cfdfe8fb7a4af797e258c5021805bd3a7fed59ea28423c0d1d05872b9
SSDEEP

12288:V6d44kwoCESlQ8qpjCAlvOpUwP8L6QgsxLpk2tyKMJN4/TCZv7M:0d44hoCzZqVrv8a6Qgs/k2tP0NOG9M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f0783958005bcba7031bd80053bcbc4_JaffaCakes118

Files

0f0783958005bcba7031bd80053bcbc4_JaffaCakes118
.dll windows:5 windows x86 arch:x86

79fed0afcb8712aad1eb455f18025848

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

R:\fjgCBaDgqhOeg\lfOZCcmr\qVGyepoptYkq\ufsJtqiyust\IJgkFhgkexq.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_Read
ImageList_Create
CreatePropertySheetPageW

kernel32

HeapSize
HeapAlloc
GetSystemDefaultLangID
GetCommConfig
CopyFileA
GetVersionExW
SetThreadPriority
GetAtomNameA
GetStdHandle
GlobalLock
CreateMutexA
GetSystemTimeAdjustment
CreateEventA
GetComputerNameExW
ResumeThread
GetCompressedFileSizeW
FlushFileBuffers
EnumResourceLanguagesA
GetProcessHeap
SetEndOfFile
LocalLock
OpenFileMappingA
WaitForSingleObject
HeapFree
SetFileAttributesW
SetLocalTime
GetWindowsDirectoryA
FindFirstFileW
GetTimeZoneInformation
FindCloseChangeNotification
SetNamedPipeHandleState
FindFirstChangeNotificationW
GetStringTypeExW
DuplicateHandle
GetStartupInfoA
LockFile
SuspendThread
DeleteFileA
LockResource
FindResourceA
GetCommandLineA
lstrcpynW
GetTempFileNameA
SleepEx
GetModuleFileNameA
FindNextFileA
CreateFileMappingA
GetLastError
GetShortPathNameW
lstrcmpW
GetSystemWindowsDirectoryW
ExitThread
GetCurrentDirectoryW
RaiseException
QueryPerformanceCounter

user32

GetNextDlgGroupItem
BeginPaint
CreateIconIndirect
DrawAnimatedRects
RegisterHotKey
GetNextDlgTabItem
GetDlgItemTextW
TranslateAcceleratorA
CallWindowProcW
GetShellWindow
GetKeyboardLayout
GetMenuItemID
MapVirtualKeyA
RegisterClassExA
CheckRadioButton
InsertMenuW
SetWindowLongA
GetMenuCheckMarkDimensions
GetUserObjectInformationW
EndDialog
RegisterWindowMessageA
DragObject
SetWindowTextW
ExitWindowsEx
GetMenuStringA
SetUserObjectInformationW
OpenIcon
VkKeyScanW
SetActiveWindow
ToUnicodeEx
CheckMenuRadioItem
MessageBoxW
SetScrollRange
EnumChildWindows
MonitorFromRect
LoadCursorW
DefDlgProcA
GetFocus
InternalGetWindowText
EnumWindows
IsRectEmpty
DefWindowProcW
ShowCaret
HiliteMenuItem
ClipCursor
SetCursorPos
InvalidateRect
GetWindowPlacement
TabbedTextOutW
IsWindowVisible
CharToOemBuffA
LoadAcceleratorsW
DialogBoxIndirectParamW
InsertMenuA
IsZoomed
GetClassLongW
wvsprintfW
TranslateMessage
GetWindowLongW
ActivateKeyboardLayout
GetMessageExtraInfo
ScrollWindowEx
MessageBoxExW
GetClassNameW
GetAltTabInfoA
ScrollWindow
OpenInputDesktop
DrawTextA
SetMenuItemBitmaps
GetClassInfoA
AdjustWindowRectEx
CharNextW
HideCaret
SetMenuDefaultItem
SetScrollInfo
GetWindowRect
EnableScrollBar
DestroyCaret
GetCaretPos
CreatePopupMenu
AppendMenuA
MapVirtualKeyExW
CharLowerA
SendNotifyMessageW
LookupIconIdFromDirectory
ShowOwnedPopups
UnloadKeyboardLayout
GetScrollRange
ChildWindowFromPoint
SetWindowTextA
CreateDialogParamA
SystemParametersInfoW
WindowFromPoint
SetDlgItemTextW
ChangeMenuW
GetKeyState
FillRect
TrackPopupMenu
GetLastActivePopup
GetWindowLongA
IsCharUpperA
DialogBoxIndirectParamA
LoadBitmapA
IsDialogMessageW
ScreenToClient
SetTimer
GetPropW
GetTopWindow
MoveWindow
GetUserObjectInformationA
GetSysColorBrush
GetWindowTextA
FindWindowExA
IntersectRect
PeekMessageA
AttachThreadInput
DestroyMenu
DispatchMessageW

msvcrt

wcsstr
sscanf
strtol
_controlfp
wcstol
strpbrk
__set_app_type
__p__fmode
puts
iswctype
__p__commode
strstr
_amsg_exit
_initterm
_ismbblead
_XcptFilter
toupper
_exit
isprint
wcsrchr
wcscspn
vswprintf
tolower
strchr
isxdigit
memset
_cexit
isalnum
setvbuf
srand
towlower
strcoll
setlocale
time
iswxdigit
strncmp
putchar
wcscpy
clock
__setusermatherr
getc
mbtowc
gets
iswspace
atol
fwrite
__getmainargs
isupper

shlwapi

StrToIntA

comdlg32

PrintDlgW
PrintDlgExW
ChooseColorW
GetOpenFileNameW

Exports

Exports

showtit[D
?InsertRawPointDyXBc@@YGKHGE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 716KB - Virtual size: 715KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79fed0afcb8712aad1eb455f18025848

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

msvcrt

shlwapi

comdlg32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 21KB - Virtual size: 1.3MB

.rsrc Size: 716KB - Virtual size: 715KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 21KB - Virtual size: 1.3MB

.rsrc
Size: 716KB - Virtual size: 715KB

.reloc
Size: 2KB - Virtual size: 2KB