2a2775a8e8ac71ade814394828eff097_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a2775a8e8ac71ade814394828eff097_JaffaCakes118
Size

222KB
MD5

2a2775a8e8ac71ade814394828eff097
SHA1

aec63aaf7d7ab2bcb131a9ef746d1591a672f63e
SHA256

801383ba5a4f8bbf30f6a2df5b344c0d96436e447bb293b824abae66cbd968fa
SHA512

cb817b2044e640623fecdf16aa8bea55c55f8b97071680981c1edbb72688ea3e37e7c76538e891a623732f8765cfc593067e5a555ca732e58f0af70e4c2ae81d
SSDEEP

6144:xB1lI9qMQ7dXTwrwS9SQciS8PP+zhW11S1Af:xB129qMQxXTwrwmSQciuQ1S1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a2775a8e8ac71ade814394828eff097_JaffaCakes118

Files

2a2775a8e8ac71ade814394828eff097_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8c9f6d580fb58c8f7d9740982219145

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\vjkbdIEyut\aziYjZnLxg\nneoFeKC\VdojXFuK\WowsLyq.pdb

Imports

msvcrt

strerror
free
strtoul
iswctype
clock
_controlfp
__set_app_type
__p__fmode
iswdigit
floor
wcscspn
wcscoll
strtok
__p__commode
wcstol
time
wcschr
towlower
wcstombs
strchr
calloc
_amsg_exit
swprintf
strcspn
_initterm
isalnum
qsort
vsprintf
atol
wcslen
isdigit
fgets
gmtime
_acmdln
exit
_ismbblead
_XcptFilter
strtol
puts
wcstoul
_exit
_cexit
__setusermatherr
strrchr
printf
__getmainargs

user32

GetMessagePos
GetMenuItemCount
CascadeWindows
LoadBitmapW
ChildWindowFromPoint
EnumThreadWindows
DrawTextA
DrawStateW
SendNotifyMessageW
EnumChildWindows
LoadBitmapA
CharPrevA
SendMessageA
CopyAcceleratorTableW
GetTopWindow
PostThreadMessageW
SetWindowRgn
TabbedTextOutW
DialogBoxIndirectParamA
DrawMenuBar
wsprintfA
IsDialogMessageW
SetMenuItemBitmaps
CloseDesktop
CharUpperBuffW
GetNextDlgTabItem
LoadCursorA
ScrollWindow
GetScrollInfo
OpenInputDesktop
SetClassLongW
SetCursorPos
GetUpdateRect
DestroyCursor
SendMessageTimeoutA
AppendMenuA
DrawEdge
GetDlgItemTextW
FindWindowW
GetUserObjectInformationW
DragObject
CreateDialogParamW
InvalidateRgn
ActivateKeyboardLayout
IsWindowEnabled
RegisterClassA
MessageBoxExW
GetWindowLongA
OpenDesktopW
IsCharUpperA
TrackPopupMenu
TranslateAcceleratorW
GetActiveWindow
BringWindowToTop
WindowFromPoint
GetDCEx
CharNextExA
EnableScrollBar
ExitWindowsEx
SetForegroundWindow
CharToOemA
GetMonitorInfoW
MoveWindow
CharToOemW
EnumWindows
LoadStringA
MapDialogRect
DefWindowProcA
GetCursorPos
DispatchMessageA
DrawFrameControl
DefFrameProcW
SetCaretPos
CreateWindowExW
DefFrameProcA
SetActiveWindow
GetWindowTextA
RedrawWindow
MapWindowPoints
FindWindowExA
RegisterWindowMessageA
GetDesktopWindow
OffsetRect
WaitMessage
TranslateAcceleratorA
MonitorFromRect
LoadAcceleratorsA
SendDlgItemMessageA
CheckMenuItem
GetMenuItemID
ShowWindow
UnloadKeyboardLayout
RemovePropW
GetClipCursor
CreatePopupMenu
RemoveMenu
SetMenuDefaultItem
SetCursor
MessageBoxW
SendDlgItemMessageW
GetLastActivePopup
IntersectRect
CharNextW
IsRectEmpty
CopyRect
CharLowerBuffW
ChangeMenuW
DestroyIcon
CharUpperA

kernel32

lstrcmpA
CreateMailslotW
CreateDirectoryA
GetCommState
TlsGetValue
lstrcmpiA
CreateNamedPipeA
LocalAlloc
GlobalFlags
GlobalHandle
GlobalSize
GlobalGetAtomNameA
WriteConsoleInputW
lstrcmpW
InitializeCriticalSection
FindFirstFileA
CreatePipe
SetFileApisToOEM
ResetEvent
MoveFileExW
IsBadCodePtr
lstrcpynA
GetCurrentProcessId
CreateWaitableTimerW
GlobalMemoryStatusEx
TlsSetValue
SetHandleCount
GetFullPathNameW
AddAtomA
GetComputerNameA
SearchPathW
SearchPathA
lstrcatA
GetWindowsDirectoryA
GetStringTypeExW
SetCommState
GetCurrentProcess
CloseHandle
DisconnectNamedPipe
CreateSemaphoreW
SetFileAttributesA
lstrcmpiW
LocalFree
GetCommConfig
CreateMutexW
ConvertDefaultLocale
SetThreadLocale
lstrcpynW
OpenFileMappingA
GetComputerNameExW
SetFileTime
GlobalCompact
WaitCommEvent
ReleaseSemaphore

gdi32

CreateDIBSection
CombineRgn
Polygon
CreateICW
SetViewportExtEx
GetTextAlign
EndPage
DPtoLP
MoveToEx
CreateRoundRectRgn
ResizePalette
TextOutA
DeleteDC
SelectClipRgn
CreateSolidBrush
CreateCompatibleBitmap
SetBkMode
SetDIBits
TextOutW
SaveDC
GetDeviceCaps
GetCharWidth32W
SetROP2
CreateEllipticRgnIndirect
IntersectClipRect
GetStockObject
GetPixel
SetPaletteEntries
GetTextExtentPoint32W
StartPage
GetFontData
EnumFontsW
GetObjectA
Ellipse
CreateFontW
SetBitmapBits
UnrealizeObject
CreateCompatibleDC
CreateRectRgn
GetDIBits
CreatePen
BitBlt
GetNearestPaletteIndex
GetTextExtentPointW

comctl32

ImageList_Destroy
CreatePropertySheetPageW
ImageList_GetIconSize
PropertySheetW
ImageList_SetIconSize
InitCommonControlsEx

Exports

Exports

?CloseMutantNew@@YGXD_NJ~U
?ValidateProjectExA@@YGGPAD~U
?ModifyProviderA@@YGXMDPAHM~U
?ShowEventW@@YGENF~U
?GenerateKeyboardNew@@YGFPAJPAHPAD~U
?CloseString@@YGEPAJ~U
?IncrementPenA@@YGPAFPAJPAEFF~U
?EnumTextNew@@YGPAIHEE~U
?LoadScreenEx@@YGXPAKM~U
?IsScreen@@YGGPAHDDPAM~U
?CallSemaphore@@YGPAXJ_ND~U
?CopyVersion@@YGGM~U
?CancelFolderPathExW@@YGKFGPAJG~U
?GetKeyboardExA@@YGPAGMNPANM~U
?GetHeightExW@@YGPAMND~U
?ValidateMemoryW@@YGPAGH~U
?IsHeader@@YGIFKD~U
?CopyNameExW@@YGPAIFPADPA_NPAE~U
?ModifyPointerA@@YGJM~U
?CopyTimerExA@@YGPADD~U
?FreeListOld@@YGXPAMPAK~U
?GlobalWidthExA@@YGGPAKDI~U
?InsertProfileExA@@YGMKME~U
?ValidatePenOld@@YGEE~U
?HideMessageOriginal@@YGXDPAHPAJD~U
?LoadVersionW@@YGPAKPAFG~U
?SendThreadNew@@YGXPAGHE~U
?GlobalSemaphoreNew@@YGPAGPAMMPAH~U
?HideProviderOriginal@@YGJJEPAG~U
?SectionOld@@YGPADMH~U
?ClassOld@@YGXI~U
?CallKeyNameExA@@YGXFPAMFN~U
?DecrementExpressionOld@@YGGPAHHEK~U

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 974B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8c9f6d580fb58c8f7d9740982219145

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 192KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 5KB - Virtual size: 5KB

.bdat1 Size: 512B - Virtual size: 32B

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 974B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 193KB - Virtual size: 192KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 5KB - Virtual size: 5KB

.bdat1
Size: 512B - Virtual size: 32B

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 974B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB