25ecc2bdd2c7e639b83639b62a15d552_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25ecc2bdd2c7e639b83639b62a15d552_JaffaCakes118
Size

212KB
MD5

25ecc2bdd2c7e639b83639b62a15d552
SHA1

cac35f79344c7bb8e14aaa324d1087a4b71d632b
SHA256

41325f7a56e9ebc5db23fd9b956973b767202ee968b12c4da495d6e53e9d839a
SHA512

cbbc804224c66cb59f0687e4f9ac4ed531c5d24229ec242b5272fdbdfdd4411f34a7b018c6b368738b3a340112546720b4b788c375e272036c0358179511d665
SSDEEP

6144:j4+WL0PKBQYJnMUThAKutD8Ol2QsE4JvEp/:FLkNygQs2/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ecc2bdd2c7e639b83639b62a15d552_JaffaCakes118

Files

25ecc2bdd2c7e639b83639b62a15d552_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f103ac0ae9cad2688035e1b7c5111a36

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\loDpgjp\qYMibbsf\eurteldQiGfQm\QaucGmk.pdb

Imports

msvcrt

_controlfp
getc
__set_app_type
vswprintf
vsprintf
wcsncmp
strncpy
setlocale
__p__fmode
strcpy
__p__commode
iswxdigit
_amsg_exit
sprintf
strncmp
fgetc
sscanf
free
_initterm
putc
wcscspn
fputs
calloc
_acmdln
clock
exit
_ismbblead
gets
isspace
strtoul
_XcptFilter
wcscmp
strchr
isdigit
atol
_exit
time
_cexit
ungetc
toupper
printf
fflush
wcspbrk
__setusermatherr
__getmainargs

gdi32

RealizePalette
LineTo
WidenPath
RestoreDC
CreateDIBitmap
GetBkMode
GetNearestPaletteIndex
SelectPalette
GetObjectW
GetDIBits
PathToRegion
IntersectClipRect
SetDIBitsToDevice
EndPage
SetWindowExtEx
GetCurrentObject
GetTextExtentPoint32A
Rectangle
PtVisible
GetTextMetricsA
AddFontResourceW
SetViewportOrgEx
ScaleWindowExtEx
Polygon
RemoveFontResourceW
SetDIBits
CreateBitmap
SetBkColor
EnumFontFamiliesW
CreateHatchBrush
SetLayout
Ellipse
CreateBitmapIndirect
SetPaletteEntries
GetClipBox
CreateSolidBrush
GetTextExtentPointA
GetSystemPaletteUse
ExtFloodFill
EnumFontsW
SetTextColor
GetTextExtentPointW
GetDIBColorTable
StretchDIBits

comctl32

DestroyPropertySheetPage
ImageList_Destroy
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Create

comdlg32

ReplaceTextW
ChooseFontW
GetSaveFileNameW
GetSaveFileNameA
PrintDlgExW
GetOpenFileNameW

user32

ArrangeIconicWindows
EnableScrollBar
GetMessageW
FindWindowExW
DrawTextExW
SetTimer
EnumThreadWindows
TranslateAcceleratorW
mouse_event
PtInRect
SetScrollInfo
CharNextA
SetWindowPos
CharUpperA
SetDlgItemTextW
CheckMenuRadioItem
GetWindow
GetDCEx
GetClassLongW
SendMessageTimeoutW
DrawStateW
MonitorFromPoint
AdjustWindowRect
GetKeyNameTextW
CreateWindowExA
SetDlgItemTextA
LoadMenuA
ValidateRect
GetMenuItemCount
FindWindowExA
IsZoomed
CharToOemA
ReleaseDC
GetCursorPos
GetMenuItemInfoW
LoadCursorW
CharLowerW
SetForegroundWindow
CharLowerBuffW
IsCharAlphaNumericW
LoadAcceleratorsW
DeferWindowPos
PostQuitMessage
GetDlgItemTextW
TrackPopupMenuEx
CheckRadioButton
LoadImageA
OpenDesktopW
OpenInputDesktop
DrawAnimatedRects
InsertMenuW
GetDesktopWindow
DialogBoxParamA
ClipCursor
GetUserObjectInformationA
TabbedTextOutW
RegisterClassExA
GetDoubleClickTime
CheckMenuItem
RegisterWindowMessageA
SetScrollPos
IsDialogMessageW
SetMenuItemBitmaps
MessageBoxW
ShowScrollBar
CharNextW
CharPrevA
DispatchMessageA
AppendMenuA
AppendMenuW
GetKeyboardLayoutList
GetMessageA
CharToOemBuffA
GetKeyboardType
DrawEdge
SetCursor
BeginPaint
OemToCharBuffA
SetDlgItemInt
ShowWindowAsync
CharLowerA
SendDlgItemMessageW
EnumChildWindows
LoadMenuW
MapVirtualKeyA
CallWindowProcA
CreateIconIndirect
IsDlgButtonChecked
GrayStringW
IsWindowVisible
CallWindowProcW
ChangeMenuW
DrawStateA
SetRectEmpty
DrawFocusRect
DestroyWindow
CreateMenu
GetMonitorInfoW
SetCaretPos
GetClientRect
LoadIconA
MessageBoxA
ExitWindowsEx
ShowWindow
GetSystemMetrics
UnionRect
IsChild
SendInput

kernel32

TlsFree
DisconnectNamedPipe
FindNextFileW
lstrcpyA
lstrlenW
CreateFileA
OpenEventA
lstrcmpiW
IsValidLocale
FindNextFileA
RemoveDirectoryA
WinExec
EnumResourceTypesA
GetSystemDefaultLangID
SearchPathW
GetSystemTime
CreateThread
GetComputerNameExW
GetCommandLineA
ConvertDefaultLocale
lstrlenA
SetPriorityClass
IsDBCSLeadByteEx
GetVersionExA
SetLastError
GetModuleFileNameW
FindCloseChangeNotification
SetFileAttributesA
CreateFileMappingW
HeapLock
OpenEventW
SetNamedPipeHandleState
DuplicateHandle
CreateRemoteThread
GlobalGetAtomNameW
OpenFile
OpenSemaphoreW
ResumeThread
GetWindowsDirectoryW
MultiByteToWideChar
SetLocalTime
CancelIo
LeaveCriticalSection
GetSystemDefaultUILanguage
GetSystemDirectoryW
SetEvent
RegisterWaitForSingleObject
FindResourceExW
CompareStringA
SetWaitableTimer
GetHandleInformation

Exports

Exports

?SetTimeEx@@YGPAIH_NPAD@Z
?ModifyModuleExW@@YGMPAMHEPAD@Z
?FreeWidth@@YGKFEIPAE@Z
?InstallPathOriginal@@YGPAMFD_NPAH@Z
?InsertMonitorW@@YGPAXPAFPAH@Z
?IncrementSectionW@@YGHPAKPADNM@Z
?IncrementAppNameExA@@YGPAF_NPAKJ@Z
?CancelMemoryExA@@YGH_NPAJIJ@Z
?InvalidateSemaphoreOld@@YGMIJMM@Z
?GenerateMutantNew@@YGPAKPAHMF@Z
?InvalidateSizeExW@@YGPA_NPAD@Z
?GetRectEx@@YGPAID@Z
?AddScreenOld@@YGGPAFK@Z
?CrtCommandLineExW@@YGHPAG@Z
?SendKeyNameNew@@YGPAIEPAD@Z
?IncrementFullNameExA@@YGPAFJFH@Z
?SendProviderOld@@YGNPAM@Z
?CopyPointW@@YGMJNPAKD@Z
?IsNotEventExW@@YGXFPAGPAN@Z
?ValidateModuleEx@@YGXPAJG@Z
?DeleteDateTimeA@@YGPAFJPAME@Z
?ModifyFileEx@@YGKKE@Z
?CrtHeight@@YGJPAJ@Z
?EnumMutantNew@@YGFHIPAKM@Z
?GlobalDeviceExA@@YGEPAFPAJH@Z
?GetMessageOriginal@@YGPAHPAKGH@Z
?DeleteStringExA@@YGPANEPAI@Z
?OnProviderNew@@YGPAJPAFPADPAIPAM@Z
?RtlDataNew@@YGJ_N@Z
?InstallSizeOld@@YGXPAMPAMPAJ@Z
?CallFunction@@YGXJPAFPADPAD@Z
?FreePointerEx@@YGPAJPAKPAEPAK@Z
?IsNotMemoryEx@@YGMPAD@Z
?CallWindowInfoExA@@YGXGDI@Z
?ValidateVersion@@YGPAMM_NPAEPAH@Z
?FormatAnchorExW@@YGXPAF@Z
?OnHeaderExA@@YGDPAFEKJ@Z
?AddVersionOriginal@@YGPAFD@Z
?LoadWindowOld@@YGPAHEFD@Z

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 825B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f103ac0ae9cad2688035e1b7c5111a36

Headers

File Characteristics

PDB Paths

Imports

msvcrt

gdi32

comctl32

comdlg32

user32

kernel32

Exports

Exports

Sections

.text Size: 183KB - Virtual size: 182KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 2KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 512B - Virtual size: 32B

.bdat1 Size: 5KB - Virtual size: 5KB

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 825B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 183KB - Virtual size: 182KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 2KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 512B - Virtual size: 32B

.bdat1
Size: 5KB - Virtual size: 5KB

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 825B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB