2296ed0b3c7ff09d9036614c5f47f61b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2296ed0b3c7ff09d9036614c5f47f61b_JaffaCakes118
Size

147KB
MD5

2296ed0b3c7ff09d9036614c5f47f61b
SHA1

0ce9881101a4637d93d38cb5e6c0d1fc43c3f2d7
SHA256

f3e4a9c2f22e23a328ec150afc4603548f1cd0a23342a8654b6cfb929cd5f044
SHA512

99415d3a3382d22846a9bb64f753b5bf181bac50bdc39d53658bcc203ea3d8e4554546a42c58de0fd686e8e68b78f93d29657bf68bc232a71fc413d5cbea84da
SSDEEP

3072:aNo5/DsYsiUhjtv6W1hz6xn7/p2RMzW+RD7cOmO8gxkO3JYRyUcTDa6:6CEhZvLh+th2mzW+R0OmDnO34yUc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2296ed0b3c7ff09d9036614c5f47f61b_JaffaCakes118

Files

2296ed0b3c7ff09d9036614c5f47f61b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

85ceb300bfa009bccc3ee1f316ac0da1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\nsdmxsgCIvnu\yysAvidv\ipndmsh.pdb

Imports

shlwapi

StrToIntW

user32

AppendMenuW
PostMessageW
DrawTextExW
GetMenuCheckMarkDimensions
SetMenuDefaultItem
GetWindow
SetDlgItemInt
SendDlgItemMessageA
ArrangeIconicWindows
MapVirtualKeyW
FillRect
GetDlgItemInt
LoadMenuA
ShowCaret
wsprintfA
LoadStringW
GetPropW
DefWindowProcW
MessageBoxExW
LockWindowUpdate
AppendMenuA
CheckDlgButton
IsDialogMessageW
DrawEdge
CharLowerW
DispatchMessageA
IsChild
SendMessageTimeoutA
GetSysColorBrush
CharNextExA
CopyImage
GetGUIThreadInfo
GetMenu
GetForegroundWindow
RegisterWindowMessageW
GetWindowModuleFileNameW
GetUserObjectInformationW
CheckRadioButton
RemoveMenu
GetNextDlgTabItem
GetClassInfoW
IsWindowVisible
OffsetRect
ShowWindowAsync
IsIconic
LoadBitmapA
TranslateAcceleratorA
GetAsyncKeyState
WindowFromPoint
SendMessageTimeoutW
AdjustWindowRectEx
GetMessagePos
SystemParametersInfoA
DrawAnimatedRects
CreateDialogIndirectParamW
OemToCharBuffA
DefDlgProcA
GetMenuItemInfoW
GetCaretBlinkTime
GetActiveWindow
CreateDialogParamW
CharPrevW
UnionRect
CharToOemA
PostMessageA
GetScrollPos
InsertMenuW
UnloadKeyboardLayout
IsDialogMessageA
EnableScrollBar
VkKeyScanW
DeleteMenu
DragObject
ClipCursor
GetParent
DrawStateW
SetPropW
EndDialog
SendMessageW
CreateCursor
IsWindow
GetKeyboardLayout
CharToOemW
GetClassInfoExA
GetKeyboardType
DrawIconEx
DestroyMenu
DestroyCaret
EnumChildWindows
CreateMenu
InvalidateRgn
SetWindowLongA
RegisterClassExW
EqualRect
IsDlgButtonChecked
IsCharAlphaNumericW
WaitForInputIdle
CheckMenuRadioItem
TrackPopupMenu
DialogBoxIndirectParamA
SetForegroundWindow
PostThreadMessageW
OpenIcon
DialogBoxParamA
CopyAcceleratorTableW
GetKeyboardLayoutList
GetFocus
SetScrollInfo
SendInput
LoadAcceleratorsA
LoadMenuW
InsertMenuItemW
SetMenuItemBitmaps
GetClassLongA
GetDlgItemTextA
GetSystemMenu
IsWindowEnabled
RegisterHotKey
LoadStringA
ChildWindowFromPoint
GetMessageTime
GetKeyState
GetDlgCtrlID
GetMenuStringA
CharPrevA

kernel32

GetProcessHeap
GetFileInformationByHandle
CreateWaitableTimerA
GlobalDeleteAtom
GetLocalTime
GetVersion
SetWaitableTimer
GetAtomNameA
HeapFree
UnlockFile
GetModuleHandleA
lstrcpynA
GetCurrentThreadId
LocalUnlock
CompareStringW
FileTimeToSystemTime
SetCurrentDirectoryA
GetStringTypeExW
CreateFileMappingW
FlushFileBuffers
HeapReAlloc
WinExec
SetUnhandledExceptionFilter
GlobalUnlock
GlobalFindAtomW
GlobalSize
QueryPerformanceCounter
GetCurrentDirectoryW
GetFileType
AddAtomA
GetShortPathNameW
ConvertDefaultLocale
CreateRemoteThread
SetEndOfFile
GetOEMCP
SetFileApisToOEM
CreateSemaphoreA
MoveFileExW
WaitForSingleObjectEx
IsDBCSLeadByte
HeapValidate
GetUserDefaultUILanguage
SetThreadExecutionState
SetCommTimeouts
GetTempFileNameA
HeapSize
GetComputerNameW
CreateEventA
ReleaseSemaphore
Sleep
GetVersionExA
HeapUnlock
LoadLibraryExA
FormatMessageW
InitializeCriticalSection
SetFilePointer
HeapAlloc
FindCloseChangeNotification

msvcrt

wcstol
memset
localtime
strtok
clock
wcsstr
wcscspn
_controlfp
strncmp
fwrite
isalpha
getenv
fgets
iswspace
isupper
gmtime
gets
free
__set_app_type
__p__fmode
__p__commode
iswdigit
mktime
puts
wcsncpy
isalnum
_amsg_exit
_initterm
_ismbblead
fflush
wcschr
sscanf
ftell
_XcptFilter
strerror
_exit
wcstok
_cexit
putc
clearerr
wcstoul
qsort
__setusermatherr
fseek
rand
wcscpy
swprintf
__getmainargs

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85ceb300bfa009bccc3ee1f316ac0da1

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 70KB

.data Size: 15KB - Virtual size: 76KB

.rsrc Size: 58KB - Virtual size: 57KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 71KB - Virtual size: 70KB

.data
Size: 15KB - Virtual size: 76KB

.rsrc
Size: 58KB - Virtual size: 57KB

.reloc
Size: 2KB - Virtual size: 1KB