146f74c436496a7c3dbc03db5a99958e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

146f74c436496a7c3dbc03db5a99958e_JaffaCakes118
Size

144KB
MD5

146f74c436496a7c3dbc03db5a99958e
SHA1

f204bbba7d60ef0f8b7266dfc3d51b61dc4eb4f0
SHA256

d94f83896151245e4db5028c62e085479f84485d7596cd0302218d3fa8622501
SHA512

9a307acb62a8f0ae91489ccc3a008ffb3b2d353753ef718e4c95576f8e69c431c84f0452025125d57ec74c235d17ea3003dd162e49bd97b68fab78df36a18b8c
SSDEEP

3072:BVb2RMf2h5/tSP7oUhELlDaDKmxg34jJ+VfG:Hb2mPPTwuDbAVfG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
146f74c436496a7c3dbc03db5a99958e_JaffaCakes118

Files

146f74c436496a7c3dbc03db5a99958e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8f9222e4b429785e1da48bd5e764fc8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\hsnbleQpRl\mxDZrIfJstbF\qjxGtZbdP.pdb

Imports

msvcrt

setlocale
_controlfp
isalpha
mbstowcs
__set_app_type
realloc
ftell
__p__fmode
getenv
system
wcsncmp
wcslen
putc
__p__commode
_amsg_exit
_initterm
rand
_ismbblead
fputs
fprintf
malloc
_XcptFilter
_exit
iswxdigit
wcsstr
iswalpha
islower
strpbrk
qsort
isspace
strcpy
fread
fclose
_cexit
__setusermatherr
localtime
__getmainargs
fflush
wcschr
fgets
memset
iswspace
sscanf
bsearch
perror
wcscmp
strstr
strncpy

shlwapi

StrToIntW

kernel32

DuplicateHandle
GetProcessHeap
GetSystemTimeAdjustment
EnumSystemLocalesA
SetSystemTime
VirtualProtect
LeaveCriticalSection
EnumResourceNamesA
TransactNamedPipe
EnterCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetLastError
CreateMailslotW
GetUserDefaultUILanguage
LoadResource
OpenSemaphoreW
GlobalGetAtomNameW
SetEvent
lstrcmpiA
GetAtomNameA
SetTimerQueueTimer
HeapFree
FreeResource
GetUserDefaultLangID
OpenFileMappingA
GetBinaryTypeA
GlobalHandle
WaitForSingleObject
GlobalFindAtomW
GlobalFlags
GetFileTime
CreateEventA
SetErrorMode
SetThreadLocale
FindResourceExA
GetCurrentThreadId
CompareStringW
GetCommConfig
SetThreadContext
VerSetConditionMask
GetCommProperties
InitializeCriticalSection
IsBadWritePtr
FreeLibrary
TerminateThread
SetPriorityClass
SetThreadAffinityMask
WaitForMultipleObjects
GetVersion
MoveFileW
GetAtomNameW
CreateSemaphoreA
HeapAlloc
CreateFileMappingA
ReadFile
GetModuleFileNameW
GetModuleFileNameA

comdlg32

ChooseFontW
GetFileTitleW
PageSetupDlgW
GetSaveFileNameW

user32

CharUpperBuffA
ShowOwnedPopups
ShowCaret
IsRectEmpty
GetWindowTextA
SetPropW
SetDlgItemTextA
GetDlgItemTextW
EnumWindows
LoadIconW
GetKeyboardType
GetUpdateRgn
SetWindowPlacement
DestroyMenu
GetMenuStringA
GetDlgItemInt
GetFocus
GetDCEx
LoadImageA
ScreenToClient
RegisterWindowMessageA
CharLowerW
GetWindowRect
ArrangeIconicWindows
SetCursor
SystemParametersInfoA
GetClientRect
DrawAnimatedRects
ReplyMessage
SetScrollPos
IsChild
BeginPaint
RegisterClassExA
EndPaint
CreateCursor
GetDlgCtrlID
LoadIconA
ScrollWindow
DestroyCursor
AdjustWindowRectEx
InSendMessageEx
GetDlgItemTextA
InsertMenuW
GetNextDlgTabItem
SendNotifyMessageW
InvalidateRect
DrawEdge
DefDlgProcA
HiliteMenuItem
GetUserObjectInformationA
ShowScrollBar
ScrollWindowEx
DrawFrameControl
PostThreadMessageA
FindWindowExW
InflateRect
UpdateWindow
UnloadKeyboardLayout
KillTimer
IsDlgButtonChecked
GetMessagePos
GetLastActivePopup
mouse_event
GetKeyboardLayout
ShowWindow
DefFrameProcA
GetParent
SetCaretPos
GetScrollRange
RegisterClassExW
EnumThreadWindows
GetCaretBlinkTime
OpenIcon
GetMessageA
CreateCaret
DispatchMessageW
LoadMenuA
GetClassInfoExA
GetMessageW
OpenDesktopW
PeekMessageA
wsprintfA
SetScrollRange
CascadeWindows
SetUserObjectInformationW
CharToOemBuffA
RegisterClassW
SetForegroundWindow
LoadBitmapA
GetPropW
GetTopWindow
CreateWindowExA
MessageBoxW
EndDialog
MoveWindow
TabbedTextOutW
CharNextA
IsCharAlphaNumericW
CallWindowProcW
MonitorFromPoint
CloseDesktop
SetTimer
wvsprintfA
GetSysColor
AllowSetForegroundWindow
GetMenuItemID
PostQuitMessage
CharLowerBuffW
SetRect
GetGUIThreadInfo
SendDlgItemMessageA
MapVirtualKeyExW
CreateAcceleratorTableW
FindWindowW
SetActiveWindow
WindowFromPoint
LoadBitmapW
ShowCursor
GetWindowModuleFileNameW
WaitMessage
CopyImage
GetCaretPos
IsDialogMessageA
RegisterHotKey

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f9222e4b429785e1da48bd5e764fc8a

Headers

File Characteristics

PDB Paths

Imports

msvcrt

shlwapi

kernel32

comdlg32

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 21KB - Virtual size: 145KB

.rsrc Size: 111KB - Virtual size: 111KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 21KB - Virtual size: 145KB

.rsrc
Size: 111KB - Virtual size: 111KB

.reloc
Size: 2KB - Virtual size: 1KB