150f3c1178fae0c5d82905c957a07f7d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

150f3c1178fae0c5d82905c957a07f7d_JaffaCakes118
Size

150KB
MD5

150f3c1178fae0c5d82905c957a07f7d
SHA1

5f3c4dd8cc11a24966e6405bee0c097c1dee52d5
SHA256

06c9f5e351c164e649a39a594396aa79feb5afd3a029586143710cd5e6a37f45
SHA512

a45a4793f63cf5b43db0b1d214738dcf498f34bdeaddd980f7ce34a0789cffe924ab6db8218a366498fba0ff498235ae0f58a4606b1977b4b443ee2744c556ea
SSDEEP

3072:puxo6iF8zTJFKnSx2RMDP0WI+B1gYDR6WtgO/Yum49:giF8zjKnSx2mYWh1gYDR6WtbAum49

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
150f3c1178fae0c5d82905c957a07f7d_JaffaCakes118

Files

150f3c1178fae0c5d82905c957a07f7d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fe44b54b541239d22095e329a2ca1a27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\dcdnOalDdvso\ojnitPitkW\rrxzVqht\iEgfKCE\HafpMzBEwjuP.pdb

Imports

msvcrt

getenv
toupper
time
isspace
strncpy
strpbrk
strstr
_controlfp
islower
__set_app_type
realloc
srand
__p__fmode
strerror
qsort
__p__commode
swscanf
strcspn
clearerr
swprintf
fgets
atoi
towupper
fseek
_amsg_exit
fread
remove
wcscpy
fwrite
_initterm
_ismbblead
getc
strchr
_XcptFilter
towlower
fgetc
isdigit
_exit
_cexit
ungetc
mbtowc
fprintf
strtoul
__setusermatherr
free
__getmainargs
floor

kernel32

FindNextFileA
FileTimeToDosDateTime
HeapReAlloc
lstrcpynA
HeapAlloc
MoveFileA
WriteFile
InitializeCriticalSection
GetVersion
IsDBCSLeadByte
FindFirstFileA
WaitCommEvent
Sleep
VirtualQuery
GetFullPathNameW
GlobalAddAtomA
SetCurrentDirectoryA
IsValidLocale
GetUserDefaultLangID
GetACP
CreateSemaphoreW
FindResourceA
LoadLibraryExA
GetProcessHeap
SetEvent
GetHandleInformation
RemoveDirectoryA
GetModuleFileNameA
GetWindowsDirectoryW
VirtualFree
LockFile
GetTickCount
AreFileApisANSI
GetDateFormatA
GlobalGetAtomNameW
GetSystemDirectoryW
GetThreadTimes
SetUnhandledExceptionFilter
GlobalDeleteAtom
EnterCriticalSection
TerminateThread
QueryDosDeviceW
IsBadStringPtrW
CreateFileW
GetComputerNameExA
GetFileAttributesExW
OpenFile
CallNamedPipeW
HeapFree
SetCommState
CompareStringA
IsDBCSLeadByteEx
CancelIo
lstrlenW
GetModuleHandleA
lstrcmpA
GetWindowsDirectoryA
MulDiv

user32

PostQuitMessage
MapWindowPoints
CheckMenuRadioItem
mouse_event
RegisterClassA
GetScrollPos
SetWindowLongA
SetScrollRange
GetDialogBaseUnits
GetClassNameW
ShowOwnedPopups
InternalGetWindowText
SetUserObjectInformationW
TranslateAcceleratorA
CharNextW
CreateIconFromResource
GetLastActivePopup
MonitorFromPoint
GetWindowTextW
SetCursor
SendMessageTimeoutA
IsWindow
ClipCursor
EqualRect
LoadBitmapW
GetActiveWindow
CharPrevA
GetCaretPos
CopyRect
GetMessageW
IsWindowUnicode
AppendMenuW
keybd_event
RemovePropW
DeferWindowPos
GetWindowRect
ClientToScreen
SendInput
RedrawWindow
GetMenuStringA
LoadImageA
GetMonitorInfoW
LookupIconIdFromDirectory
SetMenuItemInfoW
RegisterClassExW
GetShellWindow
PostMessageW
GetGUIThreadInfo
SetRectEmpty
CreateMenu
EnumWindows
ActivateKeyboardLayout
FindWindowA
GetDlgItemInt
DrawAnimatedRects
DrawIcon
IsCharAlphaW
GetClipCursor
SetActiveWindow
DefWindowProcA
CreateDialogIndirectParamW
GetDlgItem
LockWindowUpdate
GetClassInfoExW
DefFrameProcW
SetPropW
VkKeyScanW
FindWindowExA
IsWindowVisible
EndDialog
SetFocus
AdjustWindowRect
ShowCursor
SetMenuItemBitmaps
OpenInputDesktop
ScrollWindow
OemToCharBuffA
GetUpdateRgn
OemToCharA
CharToOemBuffA
GetWindow
IsCharAlphaNumericW
InsertMenuW
GetUserObjectInformationW
GetMenuItemCount
SetCaretPos
MapDialogRect
GetCursorPos
CharUpperBuffW
ReleaseDC
ShowWindow
FindWindowExW
GetWindowTextA
ChildWindowFromPointEx
GetDoubleClickTime
IsIconic
IsCharAlphaA
PostThreadMessageW
TrackPopupMenuEx
IsRectEmpty
SendDlgItemMessageW
FrameRect
MoveWindow
CreateIconIndirect
SetMenu
LoadImageW
MapVirtualKeyW
LoadIconA
GetMenuItemID
ValidateRect
ShowCaret
EnableMenuItem
ShowWindowAsync
SendMessageA
IsDialogMessageW
CharUpperA
GetKeyboardLayoutNameW
DrawTextExW
SetClassLongW
SetWindowPlacement
GetForegroundWindow
KillTimer

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe44b54b541239d22095e329a2ca1a27

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 56KB

.data Size: 14KB - Virtual size: 91KB

.rsrc Size: 75KB - Virtual size: 75KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 57KB - Virtual size: 56KB

.data
Size: 14KB - Virtual size: 91KB

.rsrc
Size: 75KB - Virtual size: 75KB

.reloc
Size: 2KB - Virtual size: 1KB