27b112772eb12f7093d8a3935f788d3b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27b112772eb12f7093d8a3935f788d3b_JaffaCakes118
Size

141KB
MD5

27b112772eb12f7093d8a3935f788d3b
SHA1

f721aff5cacfd98e336b73fbd10b64d494dd43be
SHA256

9e910b66f67e8bc7b305ab8a84a03bb3f38381fead87b92e4874ba5c3cfacb36
SHA512

e93091617a4f95dfbccab117035197d8bb1cb271466dd500434ec4d4919217fe7be3fceb7330b7c3ebac873a5c64ac9364c97660708ab5dfd8f6beadbbd0bc43
SSDEEP

3072:ooDNfhBVJjdqyM19KrETJ7HOQYmzD1PJblsaFYJYyrP:oQJNJJy104TJ7HVYmzD1RZvFdyb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27b112772eb12f7093d8a3935f788d3b_JaffaCakes118

Files

27b112772eb12f7093d8a3935f788d3b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

954407c124a70039e7b5255e8b25d883

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\szNialogg\UJvfGaCw\aOXbYgDwEbJx\qgVScaoFxy\hpDsSbPf.pdb

Imports

user32

FindWindowExW
ClientToScreen
CharUpperW
DialogBoxIndirectParamA
GetClassLongA
IsCharAlphaA
CallWindowProcW
VkKeyScanW
DestroyCaret
LockWindowUpdate
LoadImageA
GetSystemMenu
MapVirtualKeyExW
wvsprintfA
MapWindowPoints
SetWindowPlacement
DrawTextW
MonitorFromRect
ReleaseDC
ScrollWindow
GetMenuItemCount
DefDlgProcW
GetScrollInfo
LoadMenuW
ChildWindowFromPoint
CharNextA
CreateDialogParamA
GetMenuItemRect
EnableScrollBar
DrawIcon
DrawMenuBar
SetMenuDefaultItem
CascadeWindows
FrameRect
SetSysColors
CharUpperBuffW
CharUpperA
EndDialog
CreateCursor
PostMessageA
ClipCursor
IsDialogMessageA
DispatchMessageA
GetMenuCheckMarkDimensions
InvalidateRect
CharUpperBuffA
RegisterWindowMessageA
DestroyIcon
DrawTextExW
EnumThreadWindows
IsCharUpperA
CheckMenuItem
GetMenuItemID
GetMenuStringA
AdjustWindowRectEx
wsprintfA
CreatePopupMenu
TabbedTextOutW
SetDlgItemTextA
RedrawWindow
GetDCEx
ActivateKeyboardLayout
wsprintfW
CreateDialogIndirectParamW
LoadStringW
InsertMenuA
GetMessageA
GetDC
CreateAcceleratorTableW
LoadBitmapA
IsDialogMessageW
ShowCaret
MapDialogRect
LoadIconA
CharLowerBuffW
GetDoubleClickTime
SendDlgItemMessageW
GetDlgItemTextA
SendMessageW
GetShellWindow
GetSubMenu
CharLowerW
AllowSetForegroundWindow
IsCharLowerA
GetMenuState

msvcrt

_controlfp
vswprintf
strtoul
__set_app_type
__p__fmode
__p__commode
mbstowcs
isalnum
wcscspn
strcspn
vsprintf
system
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
fclose
iswspace
wcstol
isdigit
_cexit
swprintf
strtol
mbtowc
strspn
getenv
swscanf
sprintf
mktime
__setusermatherr
tolower
fwrite
exit
__getmainargs
putchar

shlwapi

UrlGetLocationA
UrlIsOpaqueW

kernel32

IsValidLanguageGroup
VerSetConditionMask
DuplicateHandle
ConvertDefaultLocale
FindFirstFileW
GetModuleFileNameA
CreateFileA
lstrcmpiA
FreeLibrary
SetFilePointer
CreateNamedPipeA
GetSystemDirectoryW
CreateWaitableTimerA
SetLocalTime
IsDBCSLeadByteEx
DeleteCriticalSection
CreateThread
GetStartupInfoW
GetFileType
SuspendThread
QueryDosDeviceW
OpenEventW
MoveFileExW
LockResource
GetFileAttributesA
GetSystemWindowsDirectoryA
GetTempPathW
CompareFileTime
GetTimeFormatA
CreateFileMappingW
RaiseException
IsBadStringPtrW
VirtualQuery
GetACP
SearchPathW
lstrcmpiW
GetCurrentThreadId
GetVersionExW
lstrcpyW
LoadLibraryW

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 1024B - Virtual size: 593B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

954407c124a70039e7b5255e8b25d883

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 111B

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 91B

.run Size: 1024B - Virtual size: 593B

.0dat Size: 105KB - Virtual size: 104KB

.data Size: 3KB - Virtual size: 2KB

.ram Size: - Virtual size: 123KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 111B

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 91B

.run
Size: 1024B - Virtual size: 593B

.0dat
Size: 105KB - Virtual size: 104KB

.data
Size: 3KB - Virtual size: 2KB

.ram
Size: - Virtual size: 123KB

.rsrc
Size: 2KB - Virtual size: 1KB