2e3f7a7e8fe6a0bef92c48e8946592e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e3f7a7e8fe6a0bef92c48e8946592e3_JaffaCakes118
Size

214KB
MD5

2e3f7a7e8fe6a0bef92c48e8946592e3
SHA1

c6e6d2837d3fc47ed45f34c3f743b6750eec00e8
SHA256

8e422b621cfa5d51caff2643b7c6105817c6d37f9fb524039a4c8dd1243a4230
SHA512

1e47b79e7aa084951bf83dfdceefdded5f3178f41af9013bb8636a62c115e5137d03893374426e0b02f9ec549fe987c5dffb3688553b62b35e65365ec15419b7
SSDEEP

6144:i3ykkgb/yAC49D1nXmQsY5B18KxNbdOkWWeLUn:i3yU/yMHWQdXNxtheL8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e3f7a7e8fe6a0bef92c48e8946592e3_JaffaCakes118

Files

2e3f7a7e8fe6a0bef92c48e8946592e3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3ac166984dcc1a834a8c838e06e6ccd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\eTuHqdyTe\plxJsoKqCbnyF\neTPGwwDpkg\czdvszxBfhs.pdb

Imports

comctl32

ImageList_Remove
CreatePropertySheetPageW
CreateStatusWindowW
ImageList_Create
ImageList_LoadImageW

user32

InsertMenuW
CallWindowProcW
CreateMenu
IsCharAlphaNumericW
ArrangeIconicWindows
SendDlgItemMessageW
SystemParametersInfoW
BeginPaint
SwitchToThisWindow
SetForegroundWindow
ReplyMessage
GetFocus
CharUpperBuffA
GetSystemMetrics
PostThreadMessageW
GetClassInfoExW
HideCaret
AttachThreadInput
RegisterClassA
AppendMenuW
EnableScrollBar
InvalidateRgn
LoadMenuW
MessageBoxW
GetMessageExtraInfo
LookupIconIdFromDirectory
CreateWindowExW
DefWindowProcA
IsMenu
DefDlgProcW
DrawIcon
SendNotifyMessageW
IsCharAlphaW
RemoveMenu
MessageBoxA
IntersectRect
DrawEdge
CreateCursor
ToUnicodeEx
MapVirtualKeyExW
LoadBitmapW
IsZoomed
EndDialog
SetDlgItemTextW
SetScrollInfo
TabbedTextOutW
GetDlgItemInt
GetMenuItemCount
SetWindowLongA
FillRect
CharLowerW
GetWindowLongA
DrawFocusRect
EnumChildWindows
ValidateRect
ExitWindowsEx
InvertRect
CreateIconFromResource
GetMessagePos
ChangeMenuW
RegisterClassExA
EnumThreadWindows
SetCaretPos
CopyAcceleratorTableW
CharUpperA
CharUpperW
OemToCharBuffA
DestroyMenu
SwapMouseButton
ClipCursor
GetWindow
GetDCEx
GetCursorPos
RedrawWindow
SetTimer
SetLastErrorEx
GetUserObjectInformationW
AllowSetForegroundWindow
wsprintfA
FindWindowExW
SetWindowRgn
DialogBoxParamA
CharToOemBuffA
CloseDesktop
IsDialogMessageW
CreateCaret

kernel32

GetCurrentThread
SetHandleInformation
DisconnectNamedPipe
GlobalMemoryStatusEx
GetTempPathW
HeapLock
SetMailslotInfo
FindCloseChangeNotification
RegisterWaitForSingleObject
GetTickCount
SetFileTime
GetLastError
GetVersionExA
GlobalLock
IsDBCSLeadByteEx
LockResource
GetFileAttributesW
ResumeThread
OpenFile
GetLongPathNameW
GlobalUnlock
GetComputerNameExW
GetSystemWindowsDirectoryW
BuildCommDCBAndTimeoutsW
GetModuleFileNameW
OpenFileMappingW
SetFilePointer
GetThreadContext
GetLocaleInfoW
SetCommTimeouts
AddAtomA
IsBadWritePtr
VirtualQuery
GetSystemTimeAsFileTime
GetTimeFormatW
CreatePipe
lstrlenA
LoadLibraryExW
WaitForMultipleObjects
DeviceIoControl
ReadFile

msvcrt

strerror
swprintf
_controlfp
toupper
__set_app_type
srand
iswxdigit
malloc
iswspace
isxdigit
__p__fmode
atol
__p__commode
_amsg_exit
_initterm
_acmdln
putchar
wcscoll
perror
strspn
atoi
strstr
exit
fgetc
printf
fprintf
fputs
wcsncmp
_ismbblead
_XcptFilter
_exit
realloc
rand
wcsncpy
strrchr
_cexit
__setusermatherr
islower
__getmainargs

gdi32

TextOutA
GetTextExtentPointW
SetViewportOrgEx
CreateDIBSection
ExtFloodFill
GetTextExtentPoint32A
GetROP2
StartPage
GetTextExtentPoint32W
CreateDCW
SetDIBitsToDevice
StartDocW
IntersectClipRect
SetBkMode
SetRectRgn
SelectClipRgn
CreatePenIndirect
StretchDIBits
ExtTextOutA
GetTextColor
SetBitmapDimensionEx
GetClipBox
Escape
Polygon
GetObjectA
CreateDiscardableBitmap
UnrealizeObject
GetNearestColor
GetBkMode
TranslateCharsetInfo
SetTextAlign
RectVisible
EndPage
PolyBezier
TextOutW

Exports

Exports

?WaitForMultipleObjectsIUIUDSiuld@@YGKEPA_WG@Z
?WaitForMultipleObjectsJUDiuDLIJU@@YGKEPA_WG@Z
?WaitForMultipleObjectsUYDyudkjh@@YGKEPA_WG@Z
?WaitForSingleObjectYDEyuhgDU6d@@YGKEPA_WG@Z

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ac166984dcc1a834a8c838e06e6ccd6

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 78KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 62KB

.rsrc Size: 112KB - Virtual size: 111KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 78KB - Virtual size: 78KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 62KB

.rsrc
Size: 112KB - Virtual size: 111KB

.reloc
Size: 2KB - Virtual size: 1KB