2b8685ed6bef63159af368f1bdb9d099_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b8685ed6bef63159af368f1bdb9d099_JaffaCakes118
Size

216KB
MD5

2b8685ed6bef63159af368f1bdb9d099
SHA1

650f055bb28873fb5684cc05413b091cb6aaf2a8
SHA256

1de6b66625c10475cfe9cfbd8d4f67d23b1cf2bed4cd2fb91fbd9d2ee19ce8a8
SHA512

d9dc00178f4b3046d5582d9e77a233fe8b4f4b69bb496858f62e8c112d616cfa99bf745fccf130a298dd39ced9222466aec270485c2ce78a2e6f40ffdd2f010a
SSDEEP

6144:uZ/A8gPywOE0MEgc3hiSkOK9wZR2eQNC+HOz:QBwcM0wSkOeyTQNCs6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b8685ed6bef63159af368f1bdb9d099_JaffaCakes118

Files

2b8685ed6bef63159af368f1bdb9d099_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b289a3a61bb73e8848a56b00691513ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\pRUyzargfhbnHt\oNZugHWtu\eHoRyMbkydEg\BhqOdtmsfZcN.pdb

Imports

gdi32

ExcludeClipRect
OffsetRgn
CreateSolidBrush
GetBkMode
RestoreDC
TranslateCharsetInfo
IntersectClipRect
CreateBrushIndirect
GetNearestPaletteIndex
GetObjectA
CreateDIBSection
ScaleWindowExtEx
CreateHatchBrush
GetDIBits
SetBkMode
StretchDIBits
CreateDiscardableBitmap
EndPage
SetViewportOrgEx
SelectClipRgn
SetBitmapBits
CreateFontA
DeleteObject
GetPaletteEntries
SetTextAlign
CreatePatternBrush
GetTextMetricsW
GetStockObject
BitBlt
PolyBezier
SetDIBColorTable
CreateFontIndirectW
PathToRegion
EnumFontFamiliesW
PtInRegion

msvcrt

_controlfp
localtime
vswprintf
__set_app_type
fputs
fclose
__p__fmode
vsprintf
__p__commode
_amsg_exit
isalnum
isspace
wcstok
fgetc
toupper
_initterm
_acmdln
exit
remove
swscanf
_ismbblead
rand
_XcptFilter
malloc
atoi
printf
iswspace
_exit
_cexit
mbtowc
__setusermatherr
strtok
wcsncpy
swprintf
wcsstr
strchr
isprint
strncmp
wcstoul
__getmainargs

kernel32

GlobalSize
GetFileAttributesExA
GetLocaleInfoA
SizeofResource
ConnectNamedPipe
GetCurrentThread
CreateMutexA
SetLastError
GetCommModemStatus
OpenFileMappingA
CreateMutexW
GetProcAddress
CallNamedPipeW
GetBinaryTypeA
ResetEvent
SetSystemTimeAdjustment
TryEnterCriticalSection
WaitForSingleObject
WriteFile
VerifyVersionInfoW
GetOverlappedResult
GetLastError
MultiByteToWideChar
CreatePipe
GlobalDeleteAtom
SetThreadContext
MoveFileA
GetDateFormatA
MulDiv
SetCommMask
GetStdHandle
FoldStringW
LeaveCriticalSection
GetCommConfig
SetPriorityClass
GetModuleHandleW
LockResource
HeapCreate
DeviceIoControl
SetCurrentDirectoryA

user32

CreatePopupMenu
EndDialog
mouse_event
ShowCursor
CreateDialogIndirectParamW
CreateWindowExW
ToUnicodeEx
CheckMenuRadioItem
ReleaseDC
GetClassInfoExW
ClipCursor
SetScrollRange
PtInRect
ShowCaret
FindWindowW
FillRect
OffsetRect
LoadImageW
DefDlgProcW
GetDlgItemTextW
DestroyCursor
GetSubMenu
MonitorFromPoint
DestroyAcceleratorTable
IsCharUpperA
GetUserObjectInformationW
ShowScrollBar
GetWindowLongW
MapWindowPoints
AppendMenuW
CheckRadioButton
CharToOemW
MapVirtualKeyA
HiliteMenuItem
BringWindowToTop
PeekMessageA
TranslateMessage
SendMessageW
SetSysColors
DialogBoxIndirectParamA
DestroyCaret
DestroyMenu
IsWindow
LoadStringW
RemoveMenu
InvertRect
PostMessageA
InsertMenuA
GetMenuItemCount
SetWindowPlacement
SetDlgItemTextW
GetActiveWindow
SetMenuItemInfoW
MessageBoxExA
DrawIcon
CloseDesktop
CreateCursor
wvsprintfW
CreateDialogParamA
InSendMessage
ModifyMenuW
WaitForInputIdle
PeekMessageW
GetUpdateRect
SystemParametersInfoW
DefDlgProcA
LoadIconW
OemToCharA
FrameRect
MapDialogRect
OpenIcon
GetMenuCheckMarkDimensions
IsWindowEnabled
RegisterClassW
LoadMenuA
OpenDesktopW
CharLowerA
IsCharLowerA
RegisterWindowMessageA
ShowWindow
GetMenu
MapVirtualKeyExW
TrackPopupMenuEx
GetDC
PostThreadMessageW
SetWindowTextA
HideCaret
RegisterHotKey

comctl32

ImageList_Write
ImageList_Read
CreateStatusWindowW
PropertySheetA
InitCommonControlsEx

Exports

Exports

?IsAppName@@YGXII&U
?DeleteSemaphoreOld@@YGPAJKGG&U
?RtlFunctionOriginal@@YGPAMIPANHE&U
?IsNotDataW@@YGDIPADPAG&U
?GetFolderPathEx@@YGMNIJ&U
?KillStateEx@@YGPANPAEG&U
?ModifyAnchorExW@@YGIPAMEEK&U
?InvalidateAnchorExA@@YGHMM&U
?FreeKeyNameNew@@YGGPAJHFD&U
?SendSemaphoreOriginal@@YGPAHPAMPAKJF&U
?IsProcessOld@@YGHPAE&U
?InvalidatePenA@@YGDPAIPAEPAK&U
?LoadRectExA@@YGIK_NI&U
?ValidateConfigEx@@YGPANGFI&U
?ModifyPenOld@@YGPAFHPAEM&U
?IsNameOriginal@@YGXJIMPAH&U
?DecrementListItemExW@@YGJFPAI&U
?CopyProjectA@@YGMKG&U
?DecrementMediaTypeExW@@YGMF_NPAK&U
?ShowPointerA@@YGDF&U
?EnumStringW@@YGPAG_NN&U
?ClassNew@@YGXPAGF&U
?ShowSection@@YGDJKPAH&U
?IsValidPointerEx@@YGXKKH&U
?OnFolderPathOriginal@@YGFMPAIGPAE&U
?Project@@YGPAGPAM&U
?AddStringW@@YGPAXI&U
?IsNotClassEx@@YGPAGPAD_N&U
?GlobalFunctionA@@YGENPA_NIPAN&U
?PutDateTimeW@@YGEM&U
?PutHeightEx@@YGXPAF&U
?GlobalComponentOriginal@@YGPAMK&U
?FreeVersionEx@@YGGNEG&U
?InstallObjectOriginal@@YGMFNPAK&U
?CopyPointW@@YGHG&U
?PutObjectExA@@YGXJI&U
?SetMemoryExA@@YGPAKPADKPAD&U
?InvalidatePoint@@YGGMPAM&U
?InvalidateTaskEx@@YGDII&U

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b289a3a61bb73e8848a56b00691513ba

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

kernel32

user32

comctl32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 80KB

.imdat Size: 1024B - Virtual size: 852B

.edata Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 62KB

.rsrc Size: 113KB - Virtual size: 112KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 80KB

.imdat
Size: 1024B - Virtual size: 852B

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 62KB

.rsrc
Size: 113KB - Virtual size: 112KB

.reloc
Size: 2KB - Virtual size: 1KB