195a41877a28377b9ec78a016f5611fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

195a41877a28377b9ec78a016f5611fa_JaffaCakes118
Size

176KB
MD5

195a41877a28377b9ec78a016f5611fa
SHA1

0a6e9a5d85f6095c62257a2f9859456691e8e839
SHA256

2b1f72c288a3f3929ff286c01e8171f6b37cddc0bd4937637149ac31fd8c3a7c
SHA512

0034aa7969b2c8e92f1a598c5b9fa3bcce839406d665b80f879a933a5b46ffa61339e6f3758cb0564934e8405996af65a1c7a977f186c70d47844a19a6eac7a0
SSDEEP

3072:CgBOKpqklQ0Ng+fy8/7ILGwLimrOuSv+nSz6vGlEwOimJ9hhWfylH3:CFcfJy8uG2ffSUSz6vGawaDWy5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
195a41877a28377b9ec78a016f5611fa_JaffaCakes118

Files

195a41877a28377b9ec78a016f5611fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

870aa0aa68b468fbbf709cf3b11f1618

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\xofUlunusfNtl\sbjmdwyviejce\uceXArlithul\jDkzMkyM\vSGynso.pdb

Imports

user32

KillTimer
GetKeyboardType
GetKeyboardLayout
LoadStringW
ClipCursor
OpenIcon
GetScrollPos
CharNextW
GetForegroundWindow
DialogBoxParamW
DrawStateW
BeginPaint
SetCursorPos
DestroyCursor
MessageBoxExW
DestroyCaret
CreateDialogParamW
RegisterClassA
DestroyMenu
SystemParametersInfoW
wvsprintfA
GetMenuStringA
SetParent
keybd_event
FillRect
DeferWindowPos
SendNotifyMessageW
AppendMenuA
InvertRect
OemToCharA
GetDCEx
InsertMenuW
GetMenuItemCount
GetSubMenu
IsCharAlphaA
DrawStateA
CheckMenuItem
SetFocus
CharLowerA
BeginDeferWindowPos
DeleteMenu
EnableScrollBar
CharLowerW
FindWindowExW
RegisterWindowMessageW
BringWindowToTop
TranslateAcceleratorA
GetClientRect
EnumThreadWindows
IsCharLowerA
AttachThreadInput
LoadCursorA
DefFrameProcA
CreatePopupMenu
SetCursor
CreateIconIndirect
IsDialogMessageW
SetWindowLongW
LoadImageW
SetDlgItemTextA
GetMenuState
MapVirtualKeyW
SendMessageW
FindWindowA
DrawTextW
TranslateAcceleratorW
GetNextDlgGroupItem
GetDialogBaseUnits
LockWindowUpdate
InvalidateRgn
MonitorFromPoint
GetClassInfoExA
ShowWindowAsync
ReleaseDC
InvalidateRect
PostMessageA
SetRect
DrawIconEx
VkKeyScanW
SetSysColors
GetClassInfoW
GetCursorPos
MonitorFromRect
ClientToScreen
SendInput
LoadMenuW
GetWindowPlacement
wsprintfW
CallWindowProcW
GetMenuItemRect
CharToOemW
GetCaretPos
DialogBoxParamA
CharLowerBuffW
CreateCursor
GetScrollRange
DrawAnimatedRects
SetLastErrorEx
MapVirtualKeyA
GetKeyboardLayoutList
InSendMessage
CreateWindowExA
CheckRadioButton
GetDC
FindWindowExA
SetWindowTextW
DefDlgProcW
SystemParametersInfoA
GetMenuItemID
CharNextExA
EnableWindow
DispatchMessageA
CascadeWindows
ValidateRect
LoadBitmapW
CharUpperBuffW
DestroyIcon
CharToOemA
IsCharAlphaW
ChildWindowFromPoint
ShowScrollBar
MessageBoxW
OffsetRect
CharUpperBuffA
MoveWindow

shlwapi

UrlGetPartW

kernel32

SetThreadPriority
OpenFileMappingW
LocalFree
OpenEventW
SetThreadAffinityMask
CloseHandle
CompareFileTime
VerSetConditionMask
GlobalReAlloc
GetModuleHandleW
lstrcpynA
TlsGetValue
SetCommBreak
MoveFileA
OpenFile
GetThreadTimes
lstrlenW
GetSystemTimeAdjustment
FormatMessageA
GetLastError
GetShortPathNameW
LockFile
GlobalAlloc
GetTickCount
WaitForSingleObject
SetSystemTimeAdjustment
ReleaseMutex
SetCommMask
GetModuleHandleA
SetMailslotInfo
GetSystemDefaultUILanguage
GetStdHandle
lstrcatW
EnumResourceLanguagesA
PulseEvent
GetModuleFileNameW
EnumResourceNamesA
DeleteAtom
SetThreadContext
CompareStringW
GetLocalTime
CreateWaitableTimerW
GetFileType
SetFileTime
LocalSize
LocalUnlock
CreateMailslotW
GetFullPathNameW
GetLocaleInfoA
CreatePipe
GetCurrentDirectoryW
FindFirstFileW
GetModuleFileNameA
GetTempPathW
CancelWaitableTimer
MoveFileW
GetCommProperties
GetUserDefaultLCID
FindNextChangeNotification

msvcrt

iswprint
_controlfp
__set_app_type
wcstombs
__p__fmode
fgets
realloc
iswalpha
free
putc
strtok
clearerr
getc
strstr
localtime
__p__commode
strncmp
_amsg_exit
mbstowcs
rand
_initterm
_ismbblead
_vsnwprintf
wcscpy
strcpy
wcspbrk
wcschr
_XcptFilter
fprintf
putchar
time
_exit
puts
strrchr
printf
isxdigit
iswspace
_cexit
wcstod
isalnum
srand
fflush
toupper
wcsncmp
__setusermatherr
fread
__getmainargs
isupper

Exports

Exports

?CreatDlgItemList@@YGKPBDDPAX:O

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.exp
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edit
Size: 1KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ixport
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sims
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

870aa0aa68b468fbbf709cf3b11f1618

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.exp Size: 512B - Virtual size: 121B

.edit Size: 1KB - Virtual size: 182KB

.data Size: 2KB - Virtual size: 2KB

.ixport Size: 6KB - Virtual size: 5KB

.sims Size: 512B - Virtual size: 436B

.ndat Size: 1KB - Virtual size: 1KB

.rsrc Size: 140KB - Virtual size: 139KB

.text
Size: 23KB - Virtual size: 22KB

.exp
Size: 512B - Virtual size: 121B

.edit
Size: 1KB - Virtual size: 182KB

.data
Size: 2KB - Virtual size: 2KB

.ixport
Size: 6KB - Virtual size: 5KB

.sims
Size: 512B - Virtual size: 436B

.ndat
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 140KB - Virtual size: 139KB