261d5c18a4ecd80ad681f12e797d3e64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

261d5c18a4ecd80ad681f12e797d3e64_JaffaCakes118
Size

205KB
MD5

261d5c18a4ecd80ad681f12e797d3e64
SHA1

0c38639a3f9b351e7e53b75bf2ca4c986433b5e6
SHA256

c866ad043c4b052038f493308cfa477031fbcde43159f8b78d43a59ae2b46bcd
SHA512

767312ec69bc033501c56be8501165d9a10dc78c40464b600a51b44f6cbd8b6fbf5bdf7aed8e62fc680e2142397ebd300691aeb5b11495aa85f7b8fa1b5be772
SSDEEP

6144:/gromugGtY23cORMNkmnl+klbqnXm/CEBVA:/grombGK+jMNeMK2K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
261d5c18a4ecd80ad681f12e797d3e64_JaffaCakes118

Files

261d5c18a4ecd80ad681f12e797d3e64_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4920e37014771519128a7d9a99a1503a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\qbeenrkR\RguflTvyfvrP\dWmYspnRypAl.pdb

Imports

user32

SendMessageTimeoutW
DrawStateW
GetUpdateRgn
SetActiveWindow
GetKeyboardType
CreateIconFromResource
LoadBitmapA
RemoveMenu
GetParent
SetLastErrorEx
MessageBoxA
CharNextW
ExitWindowsEx
RegisterWindowMessageA
GetWindowRect
GetPropW
FindWindowA
CheckRadioButton
GetDialogBaseUnits
GetKeyNameTextW
SetFocus
DispatchMessageW
GetSysColor
LookupIconIdFromDirectory
InSendMessageEx
AppendMenuA
WaitMessage
InternalGetWindowText
CheckDlgButton
PostMessageW
PostThreadMessageA
InvertRect
SetScrollInfo
DefWindowProcA
CharToOemBuffA
GetSubMenu
UpdateWindow
IsDlgButtonChecked
GetAsyncKeyState
CreatePopupMenu
SystemParametersInfoW
LoadCursorW
GetWindowTextA
GetDC
IsDialogMessageA
EnableWindow
GetClassInfoW
InvalidateRgn
EndPaint
GetWindow
ChildWindowFromPoint
ShowWindowAsync
InflateRect
GetCaretPos
SetWindowPos
DialogBoxIndirectParamW
DialogBoxIndirectParamA
LoadMenuW
MapWindowPoints
wvsprintfA
SetSysColors
GetDlgItem
IsDialogMessageW
DrawIconEx
DefWindowProcW
SwitchToThisWindow
IsRectEmpty
GetWindowLongA
DrawIcon
DefFrameProcA
CreateDialogIndirectParamW
RegisterClassExW
DrawFocusRect
IsCharAlphaA
GetClassInfoExA
SetWindowTextA
CharUpperBuffW
GetMenuStringA
IsCharUpperA
EqualRect
CopyAcceleratorTableW
FindWindowW
LoadAcceleratorsW
DrawStateA
RegisterHotKey
CreateMenu
TranslateMessage
DefDlgProcW
LoadIconW
SendMessageW
SetDlgItemTextA
GetDlgItemTextA
LoadMenuA
ClientToScreen
MonitorFromRect
ValidateRect
ShowCursor
CreateWindowExW
CreateAcceleratorTableW
BeginPaint
DragObject
CharPrevW
DestroyCaret
IsWindowEnabled
DestroyCursor
LoadBitmapW
WaitForInputIdle
CheckMenuItem
EnumChildWindows
SetCursor
mouse_event
ScrollWindow
CharUpperW
GetMessageTime
ShowOwnedPopups
CharLowerBuffW
GetSystemMenu
GetWindowLongW
IsIconic
GetUserObjectInformationW
CharPrevA
MoveWindow

shlwapi

PathIsUNCW

kernel32

GetModuleFileNameA
VirtualProtect
FlushViewOfFile
HeapLock
GetStartupInfoW
CreateMutexA
GetCommandLineA
GetSystemDefaultUILanguage
HeapFree
OpenEventW
FindNextChangeNotification
OpenEventA
FileTimeToDosDateTime
SetUnhandledExceptionFilter
HeapReAlloc
GetModuleHandleA
FindFirstFileW
VerSetConditionMask
ReadFile
GetFileAttributesA
DeleteAtom
GetTimeZoneInformation
ReleaseMutex
GetUserDefaultLCID
HeapAlloc
AddAtomW
GetPriorityClass
GetWindowsDirectoryA
GetComputerNameA
GetProcessHeap
GetStdHandle
CreateFileMappingA
GetSystemTimeAdjustment
SetLastError
GetCommConfig
GetAtomNameA
CreateThread
lstrcatW
SetThreadExecutionState
GetTempFileNameW
GetBinaryTypeW
GetFileSize
SetFileAttributesW
lstrcmpA
CreateFileA
SleepEx
SuspendThread
GetModuleHandleW
CreateEventW
FindResourceExA
GetFullPathNameA
CreateFileMappingW
RegisterWaitForSingleObject
GetCurrentThread
SystemTimeToFileTime
GetHandleInformation
lstrcmpiW

msvcrt

ftell
_controlfp
wcscmp
memset
gets
strtoul
isupper
fputc
__set_app_type
__p__fmode
fwrite
swprintf
wcstombs
__p__commode
iswctype
strchr
wcsrchr
_amsg_exit
iswdigit
fgetc
isalnum
_initterm
wcscpy
wcsncpy
puts
fgets
wcslen
setlocale
exit
putc
strcoll
_ismbblead
_XcptFilter
_exit
towlower
fread
tolower
sscanf
_cexit
wcscspn
__setusermatherr
system
__getmainargs
fseek
isalpha
swscanf
strspn
strcpy

Exports

Exports

AlphaBle:O
GradientFi:O
TransparentB:O
?CalculateStringCapacity@@YGKDDPAX:O

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.align
Size: 1KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.date
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dati
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.char
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4920e37014771519128a7d9a99a1503a

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.align Size: 1KB - Virtual size: 124KB

.date Size: 512B - Virtual size: 168B

.dati Size: 6KB - Virtual size: 5KB

.char Size: 512B - Virtual size: 492B

.odata Size: 13KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 169KB - Virtual size: 169KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.align
Size: 1KB - Virtual size: 124KB

.date
Size: 512B - Virtual size: 168B

.dati
Size: 6KB - Virtual size: 5KB

.char
Size: 512B - Virtual size: 492B

.odata
Size: 13KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 169KB - Virtual size: 169KB

.reloc
Size: 2KB - Virtual size: 1KB