2cbbda38b82ab661b894de74bcf4a274_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cbbda38b82ab661b894de74bcf4a274_JaffaCakes118
Size

212KB
MD5

2cbbda38b82ab661b894de74bcf4a274
SHA1

5a2096392238ae1886b611fd762c1d0f76524624
SHA256

5d5284a0a8ff08ae740251f9baa2178392248549106651f4580540313b4093d7
SHA512

9cb8e584519e1bf94b0e006d2cc33ce974536f3e52f1b432355b8c84ee8b6027bafa909b26bcc514e49ed28600e728d5236d680259928d2d62ac5bebb9c37982
SSDEEP

6144:hnfv39Xiv1uUJyjZpBR9tQ7cMeCljGM/:RfVEgfd67sClCM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cbbda38b82ab661b894de74bcf4a274_JaffaCakes118

Files

2cbbda38b82ab661b894de74bcf4a274_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d19dd9c047f7f7576b740a7a643413a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\mGxqodQM\kgtacXvAlz\obsiYblsmRc.pdb

Imports

user32

SendInput
ExitWindowsEx
CloseDesktop
RedrawWindow
SendMessageW
OpenIcon
DrawFocusRect
CharLowerW
CharToOemBuffA
LoadCursorA
GetClassInfoExA
ShowScrollBar
LoadMenuW
InsertMenuA
PostMessageA
GetKeyNameTextW
GetMenuItemInfoW
RemovePropW
DialogBoxParamW
MoveWindow
ShowWindowAsync
MessageBoxExA
CreateDialogIndirectParamW
GetScrollPos
IsCharLowerA
SetSysColors
SetClassLongW
SetMenuItemInfoW
GetMessageA
TranslateAcceleratorA
CreateWindowExW
PostQuitMessage
GetDlgItemTextW
DrawTextExW
SystemParametersInfoA
SetUserObjectInformationW
ClipCursor
ScrollWindowEx
SetForegroundWindow
IsDialogMessageW
GetClassInfoExW
GetKeyboardLayoutList
SetRectEmpty
PeekMessageW
DrawStateA
IsWindow
ShowCaret
CopyAcceleratorTableW
GetKeyState
GetClipCursor
GetClassInfoW
RegisterClassExA
DestroyCaret
CreateDialogParamW
SetScrollInfo
DefDlgProcA
GetWindowDC
EndPaint
FindWindowA
DrawAnimatedRects
SendMessageA
SetWindowLongW
PostThreadMessageA
RegisterWindowMessageW
GetMenuItemRect
DrawTextA
LoadImageW
ChildWindowFromPoint
GetMessagePos
GetMenuItemCount
SetCaretPos
IsCharAlphaNumericW
GetMenuStringA
DialogBoxIndirectParamA
InSendMessage
PtInRect
SetRect
InvertRect
KillTimer
LookupIconIdFromDirectory
ShowCursor
IsIconic
MapVirtualKeyExW
GetScrollRange
SetFocus
SetPropW
SetScrollRange
MapVirtualKeyW
MessageBoxExW
WindowFromPoint
LoadBitmapA
CharToOemA
LoadMenuA
GetDoubleClickTime
LoadImageA
BeginPaint
EnumThreadWindows
DialogBoxParamA
CallWindowProcW
CreateMenu
GetFocus
GetDCEx
GetDlgItem
LoadStringA
CreateWindowExA
InSendMessageEx
ShowWindow

gdi32

CreateICW
GetTextMetricsA
SetDIBitsToDevice
DeleteDC
RectInRegion
GetLayout
SaveDC
AddFontResourceW
SetTextColor
Escape
RoundRect
GetMapMode
SetDIBColorTable
CreateRectRgn
CreatePenIndirect
GetTextFaceW
EnumFontFamiliesW
CreateCompatibleDC
ScaleWindowExtEx
GetNearestPaletteIndex
StretchBlt
WidenPath
BitBlt
SetPaletteEntries
SetBrushOrgEx
LineDDA
GetBkMode
GetViewportOrgEx
SetDIBits
BeginPath
CreateSolidBrush
SetROP2
GetDIBits
IntersectClipRect
GetTextExtentPointA
LineTo
SetBitmapDimensionEx
RemoveFontResourceW
EnumFontFamiliesExW
GetPaletteEntries
CreateFontIndirectW
GetDIBColorTable
GetRgnBox
TextOutA

comdlg32

GetSaveFileNameW
ReplaceTextW
GetOpenFileNameW
ChooseFontW
GetSaveFileNameA

kernel32

FileTimeToLocalFileTime
FindFirstFileA
CreateEventW
GetShortPathNameA
CompareStringW
WaitCommEvent
FindResourceExA
GetOverlappedResult
LeaveCriticalSection
FindResourceA
GetBinaryTypeW
SetLastError
GlobalSize
GetCommModemStatus
GetWindowsDirectoryA
SetEvent
FreeLibrary
DefineDosDeviceW
MapViewOfFile
GetFullPathNameA
LoadResource
SleepEx
DeleteFileA
GetFileTime
SystemTimeToFileTime
SetPriorityClass
GetModuleHandleW
EscapeCommFunction
SetHandleCount
FindFirstFileW
CreateWaitableTimerW
SetThreadPriority
GetCompressedFileSizeW
TlsSetValue
CloseHandle
VerifyVersionInfoW
InitializeCriticalSection
TlsGetValue
CopyFileA
CreateFileMappingW
SetErrorMode
GlobalFlags
LCMapStringA
SetFilePointer
TlsFree
LoadLibraryExA
GetLocaleInfoW
GetNumberFormatW
lstrcmpiW
ResetEvent

comctl32

ImageList_Write
ImageList_Draw
ImageList_LoadImageW
ImageList_GetIcon
InitCommonControlsEx
CreatePropertySheetPageW

msvcrt

strspn
iswxdigit
setvbuf
_controlfp
__set_app_type
__p__fmode
wcstod
clock
strrchr
towupper
__p__commode
fflush
_amsg_exit
fputc
isxdigit
setlocale
sprintf
_initterm
isupper
fread
_acmdln
calloc
exit
_ismbblead
wcslen
isdigit
wcstoul
bsearch
_XcptFilter
_exit
strchr
wcscat
fprintf
atol
isalnum
atoi
_cexit
__setusermatherr
__getmainargs
gets
wcstombs
fwrite
realloc
iswprint
swscanf
wcspbrk

Exports

Exports

?HideVersionW@@YGPAMPAGPAJ@Z
?AddRectA@@YGJPAIPAKM@Z
?PutWidthA@@YGPAIN@Z
?SetKeyNameNew@@YGGPAINMD@Z
?IncrementMutexExW@@YGXEE@Z
?EnumFolderW@@YGIPAD@Z
?FreeTimerExA@@YGHEPA_NHJ@Z
?InvalidateProcessOriginal@@YGXF@Z
?SendProcessOld@@YGXHPA_N@Z
?FindPenA@@YGPAIK@Z
?CloseTextExW@@YGPAXPAEPAGFPAH@Z
?RtlWindowA@@YGMPAHD@Z
?InsertSystemOriginal@@YGHPANPAGJ@Z
?KillScreenExW@@YGPADMNE@Z
?LoadEventOriginal@@YGGPAGGF@Z
?HideDirectoryExW@@YGHHEPAKPAI@Z
?GlobalDirectoryA@@YGXIE@Z
?IsNotFilePathNew@@YGENPAIFI@Z
?CrtTextOriginal@@YGNJ_N@Z
?RemoveProcessExW@@YGPAKKGFE@Z
?SendPenExW@@YG_NGNI_N@Z
?CallHeaderA@@YGDHDMJ@Z
?HideDeviceOld@@YGPAMJK@Z
?AddOptionOld@@YGPAJDEPAHJ@Z
?RemoveVersionExA@@YG_NFEI@Z
?CopyListItemExA@@YGPADPAJPAMM@Z
?IsNotDialogEx@@YGPAMEPAHPAE@Z
?OnStateOriginal@@YGXPAH@Z
?CopyTimeExW@@YGX_NH_NPAE@Z
?DeleteProjectW@@YGPAJKPAHF@Z
?IsNotProfileOld@@YGIE@Z
?ModifyMutantOld@@YGJK@Z
?DecrementExpressionNew@@YGMDJ@Z
?PutWindowInfoW@@YGPAXPAEPAKM@Z
?InvalidateSize@@YGEPAH@Z
?ModifyHeightExW@@YGXHPAJIPAI@Z
?PutPointerExW@@YGHMPAK@Z

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 961B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d19dd9c047f7f7576b740a7a643413a

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comdlg32

kernel32

comctl32

msvcrt

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 183KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 512B - Virtual size: 32B

.bdat1 Size: 5KB - Virtual size: 5KB

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 961B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 184KB - Virtual size: 183KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 512B - Virtual size: 32B

.bdat1
Size: 5KB - Virtual size: 5KB

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 961B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB