1c1f88e5d5b527fc3e6f07bcf834a5c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c1f88e5d5b527fc3e6f07bcf834a5c4_JaffaCakes118
Size

280KB
MD5

1c1f88e5d5b527fc3e6f07bcf834a5c4
SHA1

4c094b8a7e36a88f34f386f52007ef01226152ed
SHA256

d1424254ad5f787a618ae492e93e6d306ae6c4f77f40d67c52355b9db082ff18
SHA512

d7dcf41dc33f3b3be7c7295d73f399588c4118c12f6be5e3ab24b0b59f92fcaf0d5b25c6311815192e4390688d2902e16a3878a89b65cff031a2ac2ec194f281
SSDEEP

6144:8F+hweIjZUhV6rVyTkIMmr0UKrD+Dgjl1q1mLIbUWc5BaMEq:8F+hvI2hVzTkIMuHmLnWMBaMEq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c1f88e5d5b527fc3e6f07bcf834a5c4_JaffaCakes118

Files

1c1f88e5d5b527fc3e6f07bcf834a5c4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1022baf71f416620eedec090e656b5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Nojmsqkfrd\fkvfhcdhkl\vhuGxUegsttxh.pdb

Imports

shlwapi

StrCatBuffW

kernel32

EnumResourceNamesA
CreateFileMappingA
GetExitCodeThread
CancelWaitableTimer
GlobalAddAtomW
GetTempFileNameA
SetPriorityClass
ReleaseSemaphore
DeleteFileA
FlushFileBuffers
GetAtomNameA
SetFileAttributesW
GetModuleHandleA
CreateSemaphoreW
LoadLibraryW
WriteFile
MoveFileW
HeapAlloc
FindResourceW
GetACP
TlsSetValue
GetSystemWindowsDirectoryW

comctl32

ImageList_LoadImageW
CreatePropertySheetPageW
ImageList_Draw
CreateToolbarEx
DestroyPropertySheetPage

msvcrt

wcscat
iswxdigit
wcschr
_controlfp
swscanf
__set_app_type
__p__fmode
__p__commode
_amsg_exit
fseek
ungetc
_initterm
_acmdln
exit
_ismbblead
floor
strtol
fwrite
fread
strtok
_XcptFilter
_exit
_cexit
sscanf
__setusermatherr
clock
__getmainargs

user32

GetMessageW
SetWindowPlacement
SetCursorPos
wvsprintfW
wsprintfW
GetMenuStringA
GetDlgItemTextW
GetKeyboardType
GetForegroundWindow
CreateIconIndirect
GetMessageTime
SetTimer
DialogBoxIndirectParamW
GetWindowTextW
GetClassInfoExA
CreateDialogIndirectParamW
SystemParametersInfoW
DestroyWindow
ScrollWindowEx
ModifyMenuW
wsprintfA
RedrawWindow
SetActiveWindow
GetClientRect
OpenInputDesktop
DefFrameProcW
AdjustWindowRect
IsCharAlphaNumericA
SendMessageW
SetWindowTextW
GetWindowLongA
GetNextDlgGroupItem
RemovePropW
CharPrevW
CopyAcceleratorTableW
IsCharUpperA
MapWindowPoints
HiliteMenuItem
AttachThreadInput
LockWindowUpdate
CreateAcceleratorTableW
DrawStateW
SetFocus
SendMessageA
DestroyAcceleratorTable

gdi32

SetTextColor
GetObjectW
GetSystemPaletteUse
ResizePalette
CreateSolidBrush
GetTextFaceW
SetWindowOrgEx
GetBkMode
SetROP2
GetTextExtentExPointW
AddFontResourceW
SetDIBits
OffsetViewportOrgEx
CreateICW
StretchDIBits
ExtFloodFill
UnrealizeObject
TextOutA
EndPage

Exports

Exports

?RemoveFolderNew@@YGPAFIPAG~U
?KillCharExA@@YGPAMKDD~U
?PutCommandLineOld@@YGPAKDDPAF~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?GlobalFullNameOld@@YGFPAG~U
?GetFullNameA@@YGJPAH~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kip
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 512B - Virtual size: 451B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1022baf71f416620eedec090e656b5a

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

comctl32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.ticx Size: 3KB - Virtual size: 2KB

.kip Size: 1024B - Virtual size: 532B

.ticy Size: 512B - Virtual size: 451B

.zdata Size: 1024B - Virtual size: 760B

.data Size: 2KB - Virtual size: 2KB

.heap Size: - Virtual size: 299KB

.rsrc Size: 250KB - Virtual size: 250KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.ticx
Size: 3KB - Virtual size: 2KB

.kip
Size: 1024B - Virtual size: 532B

.ticy
Size: 512B - Virtual size: 451B

.zdata
Size: 1024B - Virtual size: 760B

.data
Size: 2KB - Virtual size: 2KB

.heap
Size: - Virtual size: 299KB

.rsrc
Size: 250KB - Virtual size: 250KB

.reloc
Size: 2KB - Virtual size: 1KB