18e8606b59d56d6268891a87eb5da272_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

18e8606b59d56d6268891a87eb5da272_JaffaCakes118
Size

146KB
MD5

18e8606b59d56d6268891a87eb5da272
SHA1

a6f00d1d6c4a118a4571980089a1ea416885ee49
SHA256

821ecb569c28edbf192784ee2ee527ce092aa30223d251507a7ffd042b036b94
SHA512

c0941464c3e705e304e4f15a709bdb4174fec3a30c7ce017003487929c5fa037fe44538b7687d316fd760d5e0707efe7cbc2c685d43d47c9f20af23b38465e4b
SSDEEP

3072:ZFSHID8avF1jO5fs9HquPivsWWwWrx+Vs5zb4fEvqxbzSQhpz6:XuIDH1i5fkKuSZWXt+V2zb4fEvqx/S06

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18e8606b59d56d6268891a87eb5da272_JaffaCakes118

Files

18e8606b59d56d6268891a87eb5da272_JaffaCakes118
.exe windows:5 windows x86 arch:x86

28504119bd777cbfd6d4a567fb4d5098

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\ltqhqZMjrgpyp\mzJzvjVHjrNTp\gytwwdvflD\xdlOZke.pdb

Imports

user32

ExitWindowsEx
GetSysColorBrush
WaitMessage
DefFrameProcW
SetFocus
SetForegroundWindow
OpenIcon
GetDoubleClickTime
HiliteMenuItem
CharPrevA
GetDlgItemTextA
WindowFromPoint
LoadImageA
GetKeyboardLayout
GetKeyState
EnableMenuItem
LockWindowUpdate
LoadIconA
CharNextA
SetCursorPos
CreateDialogParamA
IsDlgButtonChecked
FindWindowW
AdjustWindowRectEx
UnloadKeyboardLayout
MapDialogRect
SetLastErrorEx
CheckMenuItem
CharUpperW
PostMessageA
SendDlgItemMessageW
RegisterClassExW
BringWindowToTop
SetPropW
CreateDialogIndirectParamW
AppendMenuA
CreatePopupMenu
BeginPaint
SetRectEmpty
GetForegroundWindow
BeginDeferWindowPos
SetRect

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
wcstol
fflush
free
_initterm
toupper
wcsrchr
_acmdln
exit
atol
ungetc
localtime
_ismbblead
tolower
mbstowcs
swprintf
_XcptFilter
wcspbrk
_exit
_cexit
__setusermatherr
__getmainargs

kernel32

EnumSystemLocalesA
GetACP
FindClose
PulseEvent
CreateThread
GetModuleHandleA
GetModuleHandleW
TlsGetValue
GetTempPathW
DuplicateHandle
GetTimeZoneInformation
GlobalUnlock
FreeLibrary
FileTimeToLocalFileTime
LCMapStringW
FindFirstFileA
UnlockFile
GetSystemDirectoryA
GetTempFileNameW
IsValidLocale

comdlg32

GetSaveFileNameW
PrintDlgExW

comctl32

CreatePropertySheetPageA
ImageList_AddMasked
ImageList_GetImageCount
DestroyPropertySheetPage

gdi32

GetDIBColorTable
PolyBezier
CreateRoundRectRgn
CreateDiscardableBitmap
SetBkColor
RectInRegion
DeleteObject
GetWindowOrgEx
GetTextMetricsW
GetObjectW
SetBrushOrgEx
CreateCompatibleDC
CreateFontA
GetSystemPaletteUse
WidenPath
CreatePalette
Polyline

shlwapi

ChrCmpIA
StrToIntA
PathRemoveBlanksW

Exports

Exports

?GetFolderExW@@YG_NHPAD*Z
?CallDateOriginal@@YGGIPAJPAHE*Z
?IsAnchorNew@@YGPAJHNMPAM*Z
?IncrementFolder@@YGPAXGPAEPAF*Z
?IsValidProfileExA@@YGPAKIHE*Z
?HideObjectExW@@YGXPAKIPAI*Z
?DeleteStringOld@@YGF_NF*Z
?OnModuleExW@@YGMMPAG_NPAH*Z
?InvalidateFileA@@YGFGF*Z
?SendFolderPathW@@YGHGF*Z

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ditxt
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dimp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvr
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dcode
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28504119bd777cbfd6d4a567fb4d5098

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

kernel32

comdlg32

comctl32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 114KB

.ditxt Size: 512B - Virtual size: 484B

.dimp Size: 3KB - Virtual size: 2KB

.dbg Size: 512B - Virtual size: 78B

.dvr Size: 512B - Virtual size: 140B

.dpt Size: 512B - Virtual size: 480B

.dcode Size: 12KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 93KB

.dbug Size: 512B - Virtual size: 28B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 115KB - Virtual size: 114KB

.ditxt
Size: 512B - Virtual size: 484B

.dimp
Size: 3KB - Virtual size: 2KB

.dbg
Size: 512B - Virtual size: 78B

.dvr
Size: 512B - Virtual size: 140B

.dpt
Size: 512B - Virtual size: 480B

.dcode
Size: 12KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 93KB

.dbug
Size: 512B - Virtual size: 28B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB