183788c3e832a43ab07bfb39679a91e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

183788c3e832a43ab07bfb39679a91e2_JaffaCakes118
Size

57KB
MD5

183788c3e832a43ab07bfb39679a91e2
SHA1

ce036a4bdafeec5dfc8d8e05b8f1d4724f180cc9
SHA256

b0fbf0b1aa2186806dd3b797e8bb906eac7d5395a689ce1e4a1ab5b07b74ee7f
SHA512

ff46dc9c1a8b7290980e9ff657be2cdfe284e3d9281cc86b82b75bc96a458d5119be4a23bc8c82103a4cd66bb8cdd220d7c524786a02c0b91628c11c43349832
SSDEEP

768:dT+YqJIQni4fsaiK/0DHuwWH1qm+X+rD5iQ0f6ps46AIr6Yb39PmyoSavGSg:drqmv7OwWVqmQfL46pB39PMlGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
183788c3e832a43ab07bfb39679a91e2_JaffaCakes118

Files

183788c3e832a43ab07bfb39679a91e2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f43c9190888fb6bcd636d6df72e824c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\DhwrhEpn\RwluWbx\xvAdcutCt\OLlBsIWUouc.pdb

Imports

gdi32

GetTextAlign
FillRgn
BeginPath
EndPath
RectVisible
SetBitmapDimensionEx
CreateCompatibleBitmap
GetNearestPaletteIndex
PathToRegion
ExtTextOutA
CreateICW
CreatePolygonRgn
SelectObject
GetCharWidth32W
GetTextExtentPoint32W
GetTextCharsetInfo
CreateDIBitmap
ScaleViewportExtEx
SetDIBitsToDevice
GetRgnBox
CreateCompatibleDC
StretchBlt
TextOutW
TextOutA
IntersectClipRect
CreateHalftonePalette
EnumFontFamiliesExW
StartPage
CreateDCW
CreateFontIndirectW
ScaleWindowExtEx
SaveDC
GetLayout
CreateBitmap
CreateHatchBrush
GetDIBColorTable
SetPixel
GetFontData
SetTextColor
EndPage
SetBkColor
CreateDIBSection
GetSystemPaletteUse
ExtFloodFill
DPtoLP
CreateFontIndirectA
SetWindowOrgEx
LPtoDP
RoundRect
CreateRoundRectRgn

kernel32

FindCloseChangeNotification
FileTimeToLocalFileTime
GetLocaleInfoW
CreateMailslotW
VirtualQuery
EscapeCommFunction
SetThreadPriority
LoadLibraryW
GetComputerNameA
SetFileAttributesW
GetLocaleInfoA
VerSetConditionMask
GetFileTime
SetCurrentDirectoryA
FormatMessageA
GetCommState
FlushViewOfFile
lstrcpynW
CreatePipe
LoadLibraryExA
SetCommMask
IsDBCSLeadByteEx
GlobalUnlock
ConvertDefaultLocale
SetCommTimeouts
lstrlenW
FindFirstChangeNotificationW
HeapFree
CreateRemoteThread
lstrcatW
IsValidLanguageGroup
GetAtomNameW
WaitForMultipleObjects
GetModuleHandleA
TlsFree
GetSystemDirectoryA
GetAtomNameA
TransactNamedPipe
CreateEventA
DeleteFileA
GetCurrentThread
SetMailslotInfo
CreateThread
FreeLibrary
OpenEventW
GlobalHandle
QueryPerformanceCounter
LocalSize
FreeResource
GlobalGetAtomNameA
GetModuleFileNameW
GetFullPathNameA
CallNamedPipeW
LCMapStringA
HeapSize
CopyFileA
GetTimeZoneInformation

msvcrt

islower
swprintf
isalpha
wcschr
_controlfp
putchar
fputs
__set_app_type
calloc
setvbuf
strcspn
fseek
towupper
strtol
vsprintf
__p__fmode
wcsrchr
wcspbrk
__p__commode
wcstol
strspn
_amsg_exit
putc
_initterm
fprintf
sprintf
_acmdln
exit
remove
_ismbblead
gets
wcscpy
wcsstr
ungetc
fflush
isprint
_XcptFilter
iswspace
_exit
wcscspn
towlower
_cexit
wcslen
wcstod
isdigit
strcoll
clock
__setusermatherr
__getmainargs

user32

ExitWindowsEx
SendDlgItemMessageW
InvertRect
LoadBitmapA
RegisterHotKey
SetForegroundWindow
DrawFocusRect
GetSystemMenu
SetScrollRange
FindWindowA
DragObject
PostThreadMessageA
DefWindowProcA
GetDlgItemTextW
CharToOemA
ShowCaret
RegisterClassExA
CopyRect
GetScrollInfo
EnableWindow
SwitchToThisWindow
GetClassLongA
UnloadKeyboardLayout
FindWindowW
LoadStringW
MapVirtualKeyExW
CallWindowProcW
InflateRect
WindowFromPoint
EnumThreadWindows
GetAltTabInfoW
DestroyCursor
CopyImage
DialogBoxIndirectParamW
EnumWindows
CharUpperBuffW
GetClientRect
IsZoomed
IsDialogMessageA
ToUnicodeEx
ChildWindowFromPointEx
GetMenuItemRect
GetUpdateRgn
SetFocus
ScrollWindow
ClientToScreen
GetMenuState
LoadStringA
SendMessageA
MapVirtualKeyA
InternalGetWindowText
CloseDesktop
LoadMenuW
CreateCursor
GetAsyncKeyState
GetDlgItem
SendMessageTimeoutA
IsCharUpperA
SetClassLongW
LoadCursorA
OemToCharBuffA
MonitorFromPoint
MessageBoxA
IsWindowVisible
GetClassLongW
CheckRadioButton
SetPropW
AppendMenuW
SystemParametersInfoW
EnableMenuItem
VkKeyScanW
DialogBoxIndirectParamA
AttachThreadInput
ReplyMessage
TileWindows
SetWindowTextW
GetWindowRect
wvsprintfA
CharLowerBuffW
CheckDlgButton
GetMessageTime
wsprintfW
RemovePropW
IsCharAlphaW
MapWindowPoints
GetClipCursor
CopyAcceleratorTableW
GetWindowTextW
PostMessageW
IntersectRect
EqualRect
SendNotifyMessageW
TranslateAcceleratorA
CharLowerW
GetPropW
DeleteMenu
DrawEdge
GetMenu
GetMessageW
GetScrollPos
SetMenuItemInfoW
FrameRect
EndPaint
GetMessagePos
ValidateRect
CharPrevW
LoadMenuA
GetShellWindow
WaitForInputIdle
CharUpperBuffA
ClipCursor
GetDlgItemTextA
SetMenu
GetDC
CharPrevA
FindWindowExW
ChildWindowFromPoint
DeferWindowPos

comctl32

DestroyPropertySheetPage
InitCommonControlsEx
ImageList_Remove
CreatePropertySheetPageA
ImageList_LoadImageW
ImageList_GetIconSize

Exports

Exports

?IsNotExpressionW@@YGPAFIE]A
?SendDateTimeW@@YGPAJFPAH_N]A
?BitCounterArrayIdeDunAs@@YGKGE@Z

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f43c9190888fb6bcd636d6df72e824c

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

msvcrt

user32

comctl32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 52KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 52KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 2KB - Virtual size: 1KB