299a24b9b2bfea8bd63fac99e82590a1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

299a24b9b2bfea8bd63fac99e82590a1_JaffaCakes118
Size

220KB
MD5

299a24b9b2bfea8bd63fac99e82590a1
SHA1

a646d4e72dc41547b658c243e1757d24e3ff264b
SHA256

0cab4f63b97ebde2d9c419e0b7849e1ac780b3705b7f67eb6e14d2d5be10372b
SHA512

d32593321c7895466aca9b1f1030128b73f462a87a00c1b922d63cd6b664b92df9b87bc5c1406905c80d8a59fae7a4e3343ce99934ec6d81b70c48086fb312f1
SSDEEP

3072:XPei+01mg78fJHmYx2OblNFKMTGyRQxu5fvTOmji9Ma5JwvqSp748TwG80fSvx:/eiZ78fJHTZiMxRQQ5K0TasnXwRfx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
299a24b9b2bfea8bd63fac99e82590a1_JaffaCakes118

Files

299a24b9b2bfea8bd63fac99e82590a1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

be04f168fc174838ec95374d921c52d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\dbpvyejfyUywv\MgsENwjism\pnotzhwaul\mhrTdebkGlyk\DmJWujhc.pdb

Imports

gdi32

SetStretchBltMode
TranslateCharsetInfo
SetBitmapDimensionEx
GetTextExtentExPointW
Rectangle
CreatePenIndirect
UnrealizeObject
GetROP2
CreateHalftonePalette
GetSystemPaletteEntries
Escape
ExtFloodFill
SetViewportOrgEx
GetTextMetricsA
EndDoc
DeleteObject
ResizePalette
GetPixel
SelectPalette
GetTextCharsetInfo
GetObjectW
ExtTextOutA
CreateFontIndirectW
OffsetViewportOrgEx
CreateDCW
RectVisible
GetBkMode
GetTextExtentPointW
EnumFontFamiliesExW
SelectObject
CreateRectRgn
CreateCompatibleBitmap
CreateHatchBrush
GetDIBits
SetRectRgn
CreateDIBSection
GetFontData
SetPixel
GetObjectA
CreateBitmap
RectInRegion
SetLayout
CreateFontIndirectA
GetCurrentObject
GetNearestColor
GetTextExtentPointA

msvcrt

wcscpy
strpbrk
_controlfp
__set_app_type
__p__fmode
perror
__p__commode
strchr
mbstowcs
_amsg_exit
strstr
wcscat
atoi
floor
wcslen
_initterm
towupper
strtol
wcscmp
_acmdln
exit
wcstok
_ismbblead
strcpy
_XcptFilter
sscanf
_exit
strcoll
isupper
mbtowc
_cexit
gmtime
remove
bsearch
atol
fgetc
mktime
wcsrchr
wcstol
swscanf
__setusermatherr
qsort
strtok
iswdigit
__getmainargs
iswxdigit

kernel32

SetThreadExecutionState
VirtualFree
GetVersionExW
EscapeCommFunction
VirtualAlloc
CopyFileA
GlobalAlloc
IsBadStringPtrW
lstrcmpiW
MapViewOfFile
GetDateFormatW
FlushViewOfFile
GetSystemDirectoryW
InitializeCriticalSection
AddAtomA
GetSystemDirectoryA
MulDiv
OpenEventW
GetCurrentProcessId
LCMapStringA
UnmapViewOfFile
OpenEventA
GetBinaryTypeW
SetHandleInformation
GlobalReAlloc
GetFileInformationByHandle
GetCPInfo
VerifyVersionInfoW
RegisterWaitForSingleObject
CreateEventW
RemoveDirectoryA
GlobalAddAtomW
ResetEvent
GetLastError
WaitForMultipleObjects
SetTimerQueueTimer
GlobalAddAtomA
GetCurrentProcess
OpenFileMappingW
SetCommMask
WriteConsoleInputA
DeleteFileA
HeapValidate
LoadLibraryExW
GetNumberFormatA
GetAtomNameA
GetCommConfig
GetExitCodeThread
CloseHandle
GetCurrentDirectoryW
SetErrorMode
TransactNamedPipe
FreeLibrary
GetThreadPriority

user32

CreateDialogIndirectParamW
LoadAcceleratorsW
SetTimer
ArrangeIconicWindows
UpdateWindow
UnionRect
SetParent
SystemParametersInfoW
GetSysColorBrush
SetMenuItemInfoW
DialogBoxParamW
GetMenuStringW
RegisterWindowMessageA
SetFocus
AppendMenuA
SetWindowPos
ChildWindowFromPointEx
GetClassInfoExA
IsIconic
ChangeMenuW
BeginDeferWindowPos
DrawEdge
LoadIconA
MessageBoxExW
EnumThreadWindows
CharLowerBuffW
CopyAcceleratorTableW
TranslateMessage
LoadImageA
FindWindowW
GetKeyState
CharPrevA
GetDlgCtrlID
CheckRadioButton
TranslateAcceleratorA
GetMenuItemRect
ClipCursor
SetDlgItemTextA
InsertMenuItemW
SetActiveWindow
DrawAnimatedRects
CreateCursor
RegisterClassA
SetDlgItemInt
RegisterClassExW
CopyImage
GetPropW
ShowWindow
FindWindowA
LoadImageW
wvsprintfW
CreateDialogParamA
LoadMenuW
TrackPopupMenu
GetParent
GetUpdateRect
SetLastErrorEx
PostMessageW
DialogBoxIndirectParamW
EndPaint
SendInput
GetIconInfo
DrawIcon
GetKeyboardLayoutList
MapDialogRect
GetClassInfoExW
GetClassLongA
EnableScrollBar
CreatePopupMenu
DispatchMessageW
MoveWindow
InSendMessage
EndDialog
AdjustWindowRectEx
GetMonitorInfoW
GetTopWindow
BeginPaint
KillTimer
GetLastActivePopup
SwitchToThisWindow
CharNextA
MonitorFromPoint
GetMenuItemInfoW
MessageBoxA
GetNextDlgGroupItem
InvertRect
DrawTextExW
LookupIconIdFromDirectory
DestroyCursor
IsWindow
GetKeyboardLayoutNameW
InSendMessageEx
DialogBoxParamA
IsRectEmpty
ReplyMessage
DialogBoxIndirectParamA
BringWindowToTop
CharUpperW
RemovePropW
ClientToScreen
InvalidateRect
GetActiveWindow
EnumWindows
EnableWindow
ShowWindowAsync
DrawTextW
DestroyWindow
SetRect
OffsetRect
ShowOwnedPopups

Exports

Exports

?DecrementDateOld@@YGPAIFPAD~U
?AddSemaphoreExW@@YGEPAMF~U
?CopyStringEx@@YGPAGH~U
?InvalidateKeyboardOriginal@@YGPAXMM~U
?FormatMonitorOriginal@@YGXPAINPANPAM~U
?SendValueEx@@YGPAKPAEPAM~U
?RtlSectionEx@@YGPAGF~U
?PutDeviceA@@YGPAHF~U
?IncrementHeightOriginal@@YGPAKI_N~U
?LoadFilePathExA@@YGNPANE~U
?SetFilePathEx@@YGEIPAN~U
?CancelDialogOld@@YGGPAMKPAH~U
?RtlMonitorA@@YGXPAIPAMGPAH~U
?IsNotHeightExW@@YGXFDD~U
?GetClassEx@@YGPA_NPAN~U
?PointerOld@@YGXGM~U
?OnState@@YGPAFH~U
?AddDialogOriginal@@YGKMPAM~U
?AddValueW@@YGKD_NF~U
?GetWindowInfoW@@YGXE~U
?ModifyPenA@@YGPAHPADDDPAD~U
?InsertMutantNew@@YGPAKMK~U
?EventEx@@YGFI~U
?FreeAppNameExA@@YGMJI_N~U
?CloseDateOriginal@@YGXPAEE~U
?FreeWindowA@@YGXIK~U
?RtlList@@YGIE~U
?IsNotExpressionExW@@YGPAKFN~U
?DeleteTimerOriginal@@YGPAKPAKJKH~U
?ShowMutantA@@YGXPAEPAFPAKD~U
?ModifyStateW@@YGPAMI~U
?PutTextExW@@YGPAXG~U
?SetWindowInfo@@YGPAEPAEGE~U

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bitdat2
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat0
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 902B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be04f168fc174838ec95374d921c52d9

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 192KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bitdat2 Size: 5KB - Virtual size: 5KB

.bitdat0 Size: 512B - Virtual size: 32B

.bitdat1 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 902B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 193KB - Virtual size: 192KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bitdat2
Size: 5KB - Virtual size: 5KB

.bitdat0
Size: 512B - Virtual size: 32B

.bitdat1
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 902B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB