25def968c95c7e29638c839036932c2a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25def968c95c7e29638c839036932c2a_JaffaCakes118
Size

216KB
MD5

25def968c95c7e29638c839036932c2a
SHA1

10e2dc71e5d254acb2bd76987a5b12c0798299be
SHA256

425c717014eacda93e17eebdaca1cda0cc56d691a7ab5e7588a62dbe70a7c28a
SHA512

619825542ca5d9494567eabf6d6d17a42ab0217b07d1372ffbd0282ba882596b632fc503d10b0a0573d64efc829adcaa304def2a06e5f95315b149063bb0330a
SSDEEP

3072:9vGF8ANiK4ni4WbVnk8ug9p/72z43BpxYdmS25Og+at8qRyEH7BTuFLUPHfMLmR:9vGtQlEtp9p/Sz4xXPSwOglrXlT0o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25def968c95c7e29638c839036932c2a_JaffaCakes118

Files

25def968c95c7e29638c839036932c2a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f3b09681c8ed271fd987812e35585c6a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\PyvkiftpMnotic\uewrPpltleholC\UaeYDvwEbTgl.pdb

Imports

user32

GetShellWindow
AdjustWindowRectEx
GetKeyboardLayoutNameW
FindWindowExW
GetDlgCtrlID
GetTopWindow
DefDlgProcA
LoadMenuW
ClipCursor
RegisterClassW
GetDC
MapDialogRect
LoadBitmapW
KillTimer
AppendMenuA
IsCharAlphaNumericW
DestroyCaret
GetClientRect
InsertMenuItemW
DrawFrameControl
CreateCaret
ShowCursor
DialogBoxIndirectParamA
PostQuitMessage
SetWindowLongW
LoadCursorW
GetActiveWindow
GetForegroundWindow
SendMessageTimeoutA
SetWindowPos
CharToOemBuffA
ExitWindowsEx
LoadCursorA
LoadImageW
MonitorFromPoint

kernel32

SetSystemTimeAdjustment
GetVersionExW
CreateWaitableTimerW
LockFile
lstrcatW
IsBadStringPtrA
UnhandledExceptionFilter
GetThreadContext
WinExec
lstrlenA
SetThreadPriority
GetSystemTimeAdjustment
ReadFile
CreateFileMappingW
GetCommTimeouts
GlobalCompact
EnumResourceLanguagesA
GetWindowsDirectoryA

msvcrt

isalnum
_controlfp
__set_app_type
gmtime
fprintf
toupper
__p__fmode
system
__p__commode
fwrite
_amsg_exit
qsort
_initterm
_acmdln
exit
setlocale
_ismbblead
_XcptFilter
_exit
wcspbrk
_cexit
__setusermatherr
iswxdigit
__getmainargs

gdi32

CreateEllipticRgnIndirect
Escape
GetObjectW
ExtTextOutA
StartDocW
AbortDoc
StretchBlt
PtInRegion
SetDIBitsToDevice
PtVisible
Ellipse
DPtoLP
GetPixel
GetWindowOrgEx
CreateBitmap
SetTextAlign

comdlg32

PageSetupDlgW
ReplaceTextW

Exports

Exports

?LeaveCriticalSectionGDhkyjkjhHFJlF@@YGKEPA_WG@Z

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.div
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_x
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_y
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idat
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imul
Size: 512B - Virtual size: 163B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.plus
Size: 512B - Virtual size: 429B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minus
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3b09681c8ed271fd987812e35585c6a

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 167KB - Virtual size: 167KB

.div Size: 2KB - Virtual size: 2KB

.diag_x Size: 512B - Virtual size: 28B

.diag_y Size: 512B - Virtual size: 74B

.data Size: 3KB - Virtual size: 2KB

.idat Size: 512B - Virtual size: 400B

.imul Size: 512B - Virtual size: 163B

.plus Size: 512B - Virtual size: 429B

.minus Size: 512B - Virtual size: 140B

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 167KB - Virtual size: 167KB

.div
Size: 2KB - Virtual size: 2KB

.diag_x
Size: 512B - Virtual size: 28B

.diag_y
Size: 512B - Virtual size: 74B

.data
Size: 3KB - Virtual size: 2KB

.idat
Size: 512B - Virtual size: 400B

.imul
Size: 512B - Virtual size: 163B

.plus
Size: 512B - Virtual size: 429B

.minus
Size: 512B - Virtual size: 140B

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 2KB - Virtual size: 2KB