J:\djaceJhwhfrqe\Sxdrasaux\DitMgijx\JjjpurtgCyeax\UVwwnarYZgzuR.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2d22ec0b6a8b61041c0c8750d261bc5d_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
2d22ec0b6a8b61041c0c8750d261bc5d_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
2d22ec0b6a8b61041c0c8750d261bc5d_JaffaCakes118
-
Size
133KB
-
MD5
2d22ec0b6a8b61041c0c8750d261bc5d
-
SHA1
4e11105f86ea9d050fa3f31fab63af66cae270f5
-
SHA256
2ae5c4b6eb9828029c36b7bd2dcab6f0ae297e8a6b52e4566a39426a2c1dc1f8
-
SHA512
cf56845756ac5ac085b9c5fbbdada305ae5b9a273ba653d1cd40fad4a56c7c6d72ad27a793f27c3f2f989eb681d118c327fa9821007c9840eb5459fcb99dd170
-
SSDEEP
1536:UiVSRBBZVDp6QcTEkIkeAlcbiurfnqPdfCNVHfIvWy/ZQOxGrZl5mkZspLIUqxwK:LSNCTELkCbiiqkXHGWy/CtyIn95Vyr0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2d22ec0b6a8b61041c0c8750d261bc5d_JaffaCakes118
Files
-
2d22ec0b6a8b61041c0c8750d261bc5d_JaffaCakes118.exe windows:5 windows x86 arch:x86
9bf348377cdff0a984b1fe23b6b54c26
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comdlg32
GetOpenFileNameA
ChooseFontW
FindTextW
PageSetupDlgW
PrintDlgW
GetSaveFileNameW
msvcrt
fgetc
wcstoul
realloc
iswctype
isxdigit
_controlfp
getenv
atoi
fputs
iswprint
__set_app_type
__p__fmode
__p__commode
iswdigit
qsort
strchr
_amsg_exit
strtok
_initterm
_acmdln
setlocale
exit
putchar
strncmp
_ismbblead
gets
srand
wcscoll
isupper
strpbrk
wcschr
fseek
_XcptFilter
_exit
isalnum
swscanf
wcstombs
fprintf
_cexit
isprint
remove
wcsrchr
free
puts
tolower
__setusermatherr
wcscspn
__getmainargs
wcslen
kernel32
OpenSemaphoreW
LCMapStringA
OpenEventW
ConvertDefaultLocale
GlobalReAlloc
SetMailslotInfo
GetFileAttributesW
SetCommMask
GetStdHandle
ClearCommError
CreateWaitableTimerA
MoveFileW
GetStringTypeExW
GlobalCompact
LoadLibraryA
GetFileAttributesExW
HeapLock
GlobalSize
SetSystemTime
GetCommState
CreateEventW
CreateFileW
GetStartupInfoW
GetComputerNameA
CreateFileMappingW
RemoveDirectoryW
DisconnectNamedPipe
TlsFree
HeapSize
CompareStringW
ClearCommBreak
GetLocalTime
SizeofResource
GetExitCodeThread
lstrcmpiA
GetUserDefaultLCID
PulseEvent
FlushViewOfFile
FindResourceExW
CreateDirectoryA
RemoveDirectoryA
SetEvent
GetModuleHandleA
GlobalMemoryStatusEx
ConnectNamedPipe
SetFilePointer
SetUnhandledExceptionFilter
SetFileTime
GetUserDefaultUILanguage
MoveFileExW
GetDateFormatW
GetModuleFileNameA
WaitForMultipleObjects
FindNextChangeNotification
LocalAlloc
CreateMutexA
FindFirstFileA
user32
SetMenuItemInfoW
ShowCursor
IsIconic
TrackPopupMenuEx
CreateCursor
GetMenuItemID
GetWindowPlacement
DestroyCaret
SetMenuItemBitmaps
GetIconInfo
GetClassInfoA
PostMessageW
CallWindowProcW
GetParent
LoadAcceleratorsW
GetWindowDC
SetMenu
DefFrameProcW
GetCursorPos
IsChild
MessageBoxExW
InvertRect
CheckMenuItem
TranslateMessage
LockWindowUpdate
DrawIcon
InSendMessage
GetDC
TileWindows
LoadImageA
SetDlgItemTextW
LoadStringA
SendMessageTimeoutA
SendDlgItemMessageW
BringWindowToTop
SetScrollPos
CharPrevA
InflateRect
VkKeyScanW
IsCharAlphaW
GetScrollRange
ShowWindowAsync
GetDCEx
DefDlgProcW
CharNextExA
SystemParametersInfoW
LoadIconW
GetWindowTextLengthW
InternalGetWindowText
DialogBoxIndirectParamW
SetWindowPlacement
GetAsyncKeyState
LookupIconIdFromDirectory
IntersectRect
CharLowerW
GetDoubleClickTime
InsertMenuW
mouse_event
GetLastActivePopup
GetMenu
DrawIconEx
RegisterClassA
InvalidateRect
LoadIconA
CopyRect
InsertMenuItemW
DrawStateA
GetSystemMetrics
CreatePopupMenu
MapDialogRect
MapVirtualKeyExW
WindowFromPoint
SendMessageTimeoutW
GetWindowLongW
CharUpperBuffA
CreateIconFromResource
DialogBoxIndirectParamA
wvsprintfA
OpenInputDesktop
RegisterClassW
OpenIcon
EnumThreadWindows
DestroyAcceleratorTable
CharPrevW
FindWindowExA
AllowSetForegroundWindow
GetKeyboardLayoutNameW
GetTopWindow
GrayStringW
GetForegroundWindow
IsCharLowerA
wvsprintfW
SendMessageW
EndPaint
DrawStateW
ScreenToClient
MapVirtualKeyA
TabbedTextOutW
InSendMessageEx
UnionRect
CharToOemBuffA
OemToCharA
CharUpperA
LoadCursorA
SetWindowTextA
keybd_event
DestroyWindow
EnableMenuItem
GetUpdateRgn
CharNextA
GetSysColorBrush
wsprintfA
SetUserObjectInformationW
ScrollWindow
SetDlgItemInt
InvalidateRgn
SystemParametersInfoA
SetWindowLongA
DrawFocusRect
ValidateRect
shlwapi
StrChrIA
gdi32
Rectangle
GetDIBColorTable
GetRgnBox
SetTextAlign
SelectObject
CreateFontIndirectA
EndDoc
EnumFontFamiliesExW
MoveToEx
EndPage
CreateBitmap
SetAbortProc
GetSystemPaletteUse
SetViewportExtEx
SetWindowOrgEx
CreateDIBitmap
CreateCompatibleDC
DeleteDC
CreatePen
GetTextFaceW
ExtFloodFill
CreateRoundRectRgn
CreateDIBSection
SetMapMode
GetDIBits
SetDIBColorTable
BitBlt
SetStretchBltMode
FillRgn
ResizePalette
OffsetViewportOrgEx
SetWindowExtEx
PathToRegion
CreateEllipticRgnIndirect
DeleteObject
CreateFontW
TextOutW
Polygon
GetNearestColor
GetFontData
CreatePalette
DPtoLP
EndPath
CreateFontIndirectW
CreateHalftonePalette
GetDeviceCaps
CreateBrushIndirect
BeginPath
GetViewportOrgEx
ExtTextOutA
Exports
?FreeHeightW@@YGPAEMMPAEI]A
?IsThreadExA@@YGHF]A
?ValidateFolderPathA@@YGX_N_N]A
?PutStringW@@YGXKPADPADD]A
?SendFileExW@@YGPAFPAK]A
?AddHeightOriginal@@YGPA_NPAMHK]A
?IsValidVersionW@@YGPANF]A
?InvalidatePointNew@@YG_NPAFPA_NFG]A
?CallFolderExW@@YGFPAKDM]A
?HideRectNew@@YGPAHKEGK]A
?CrtProviderOld@@YGPAFF]A
?GlobalFolderPathW@@YGPAGE]A
?CloseMonitorNew@@YGPAXPAEJ]A
?ModifyCommandLineExW@@YGIPAH_NPAFD]A
?GlobalDataW@@YGEN]A
?IncrementComponentOld@@YGPAJPAK]A
?InsertStringExW@@YGXGPAK]A
?FindFolderPathA@@YGPAKPAMD]A
?DeleteDirectoryA@@YGHK]A
?RtlStateA@@YGPAEJH]A
?InsertNameOriginal@@YGPAXIPAK]A
?ModifyProfileOld@@YGFF]A
?RtlValueOriginal@@YGJE]A
?KillEventW@@YGEPADD_NI]A
?IncrementMonitorOld@@YGFGG_N]A
?RtlConfigW@@YGPAKPAK]A
?CrtObjectEx@@YGPAG_NKKN]A
?InvalidateWindowInfoEx@@YGHKPAEDI]A
?FreeValueW@@YGPA_NPAEKE]A
?CloseFileExA@@YGGIPA_N_N]A
?InvalidateEventExW@@YGMPADKPAJ]A
?SetValueNew@@YGPAJH]A
?DecrementMutantOriginal@@YGGHHH]A
?GlobalKeyName@@YGGINM]A
?RemoveDataExA@@YGJDGH]A
?KillProcessExW@@YGDJGE]A
?CrtProjectOriginal@@YGFJPADPAM]A
?InvalidateSystemW@@YGXHHD]A
?CopyEventExW@@YGPAJPAEF]A
?InsertComponent@@YGJPAFH]A
?KillScreenW@@YGXPAJJ]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?PutDirectoryOriginal@@YGXPAJPA_N]A
?CopyFolderEx@@YGFGHJ]A
?OnFileExA@@YGHDJI]A
?CrtWindowEx@@YGPADPAD]A
?ModifyDate@@YGDPAEJPAI]A
?GenerateListA@@YGFFMPAEPAM]A
?GetDateTime@@YGKDHEH]A
?IncrementMutexNew@@YGPAJPAJMPAJ_N]A
?DecrementSectionExA@@YGJINPAH]A
?CopyConfigOriginal@@YGXHDM]A
?RemoveEventOriginal@@YGXIG]A
?DecrementFileExA@@YGGPAM]A
?OnHeightExA@@YGDPAMM]A
?InsertAppNameExA@@YGXPAEKGD]A
?CrtFullNameA@@YGHEPAK]A
?InstallRectExA@@YGPAXPAIDHJ]A
?AddWindow@@YGPAHK]A
?OnMonitorOld@@YGPAM_NGN]A
?InstallAnchorA@@YGPANMD]A
?ValidateKeyNameOld@@YGPAGKPAN]A
?AddSizeOriginal@@YGPADPAD]A
?RemoveFolderOriginal@@YGMPAEMDF]A
?GenerateMutantEx@@YGXKPAE]A
?KillRectW@@YGPAKJFPAJ]A
?CloseObjectOriginal@@YGXG]A
?IsValidSizeOriginal@@YGFJFPAJG]A
?InstallVersionA@@YGJMPAGG_N]A
?KillSizeOriginal@@YGPAJPAED_N]A
?CancelKeyboardEx@@YGX_N]A
?EnumMemoryNew@@YG_NDM]A
?GenerateListExW@@YGGMPA_N]A
?ShowPenExA@@YGEDPAKGPAF]A
?KillScreenOriginal@@YGPAHEKJD]A
?IncrementProviderA@@YGIGPAFPAII]A
?GenerateMemoryOld@@YGPAKIEPAJE]A
?InsertFileNew@@YGGPAEF]A
?FormatTaskExW@@YGEF]A
?GlobalListA@@YGNNKN]A
?CallExpressionW@@YGHE]A
?IsValidConfigExA@@YGIPAGEPAH]A
?InstallCharExW@@YGJK]A
?PutObjectOld@@YG_NFNPAD]A
?FindKeyboardW@@YGPAMHMPAH]A
?AddAppNameNew@@YGHJG]A
?DecrementFunctionW@@YGMJG]A
?InstallComponentOld@@YGPAEGPAHK]A
?SendConfigOld@@YGFEGPAIPA_N]A
?ModifyFolderPathOriginal@@YGDPAFG]A
?ValidateModuleEx@@YGGHHPADG]A
?FindMutexNew@@YGJJMPAG]A
?GlobalDateNew@@YGG_N]A
?GetArgumentOriginal@@YGPAEPAEPANKG]A
?InvalidateClassA@@YGFHMI]A
?GenerateFolderPath@@YGEN]A
?GetDialogNew@@YG_NF]A
?CallComponentA@@YGPAHFF]A
?CancelMemory@@YG_NF]A
?CallTextA@@YGMFPANIE]A
?DecrementFullNameOld@@YGPAFFDGJ]A
?GenerateKeyNameExA@@YGMEDPAMI]A
?DecrementAppNameExA@@YGKHPA_NPAGE]A
?DecrementMutantW@@YGPA_NKGPAN]A
?InsertVersionEx@@YGPAJHMK]A
?GlobalTextW@@YGPAKIIG]A
?WindowOriginal@@YGPAXPAI]A
?EnumConfigNew@@YGMPAKPAK]A
?RtlCommandLineW@@YGEKPAGPAK]A
?CancelMonitorExW@@YGPAEI]A
?GetEvent@@YGJDI]A
?LoadProcessExA@@YGXPAMFPAH]A
?FindScreenExA@@YGPAXMDPAGJ]A
?LoadWindowInfoEx@@YGPAHENIE]A
?RtlWindowInfo@@YGPAGPAM]A
?PutMutantEx@@YGHH]A
?LoadMemoryOriginal@@YGEJIPAG]A
?FindSystemNew@@YGXK]A
?InsertDialogOriginal@@YGPAMF]A
?CrtPenOriginal@@YGPAENPAJPAG]A
?KillTimer@@YGPAXIPAHDI]A
?CrtMonitorW@@YGHNPAGPAK]A
?AddFilePathA@@YGXJE]A
?OnHeaderOld@@YGFFN]A
?ValidateConfig@@YGPAJJ]A
?FreeHeightExA@@YGJDPAF]A
?InvalidateRectExA@@YGPA_NMPAK]A
?PointOriginal@@YGPAFN]A
?AddTaskExA@@YGXPAIPAMPAI]A
?CrtSystemExW@@YGGJPAJ]A
?RtlScreen@@YGHPAJPAFMM]A
?EnumAppNameOld@@YGXME]A
?OnStateNew@@YGXPAGPAH_N]A
?RtlHeaderA@@YGIKPAK]A
?ShowDeviceOriginal@@YGPAKPAGN]A
?InvalidateProviderEx@@YGKPAJD]A
?IncrementTimerEx@@YGEGPAJ]A
?CallWidthExW@@YGEMPAG]A
?IsValidProfileExA@@YGEPAGPADFPAM]A
?CallTask@@YGXDPAEPAG]A
?VersionOld@@YGPAEDPAF]A
?LoadFolderExW@@YGXKMM]A
?HideHeaderExW@@YGGFK]A
?RemoveFolderPathNew@@YGKEPAKPAEPAI]A
?FreePointerEx@@YGPAHG]A
?CancelWindowInfoEx@@YGIFPA_NJ]A
?OnPointW@@YGHDPAE]A
?ModifyProcess@@YGPA_N_NIPAM]A
?IsValidProjectA@@YGXPAHH]A
?InvalidateFolderExW@@YGJPAEPADHPAJ]A
?HideMutant@@YGDMJPAN]A
?IsConfigExA@@YGJG_N]A
?KillFilePathA@@YGIHF]A
?IsNotConfigOriginal@@YGNKKDPAJ]A
?CrtMediaTypeOld@@YGEMM]A
?SetFilePath@@YGPAKM]A
?DeleteThreadW@@YGNPAIH]A
?LoadDateOld@@YGPAHM]A
?ModifyProcessOld@@YGPAFE]A
?IsRect@@YGGPANPADPAF]A
?GlobalDirectoryOriginal@@YGPANGPAHJ]A
?RemoveFolderPath@@YGGPAF]A
?ShowFunction@@YGNMMMH]A
?NameExW@@YGPAXE]A
?AddOptionExW@@YGPAXPADPAMF]A
?AddHeight@@YGIPAE]A
?SendNameOld@@YGGMFPAED]A
?InstallListOriginal@@YGPAHPAJPAE]A
?EnumPenW@@YGMMF]A
?SendListItem@@YGDPAGPAE]A
?FreePathExA@@YGPAIJHPA_NH]A
?InvalidateKeyNameOriginal@@YGFHPAHFPAJ]A
?KillSystemExW@@YGMDF]A
?HideEventW@@YGXFG]A
?InstallNameW@@YGPAGPAJKM]A
?FreeWindowExW@@YGXI]A
?IsHeightExA@@YGHHPAF]A
?GetModuleEx@@YGK_N]A
?CloseProcessOld@@YGPAXPAHF_NK]A
?HideDeviceExW@@YGHMJ]A
?GetData@@YGEMJEF]A
?FreeWindowNew@@YGPAKEPAKPAG]A
?ModifyComponentA@@YGDPAKPAN]A
?FormatTaskA@@YGJPAJKPAKPAH]A
?IsValidMonitorW@@YGDHPAF]A
?CopyFilePathExW@@YGDKDNPAJ]A
?SetPointer@@YGPAXPAMI]A
?CrtPathEx@@YGGEEPAHPA_N]A
?CallSizeA@@YGMFN]A
?PutListNew@@YGPAXH]A
?CallConfigEx@@YGPAGG]A
?GenerateProjectOriginal@@YGPAEPAHDKPAM]A
?CrtDialogA@@YGKPA_NF]A
?IsValidHeightOld@@YGKPAM]A
?CopyProcess@@YGKNFIK]A
?CloseFolderPathExA@@YGFPAHJPAI]A
?GetCommandLine@@YGGJEPAJ]A
?RemoveMutantW@@YGHPAHNPADPAH]A
?MessageExA@@YGHKE]A
?CopyNameA@@YGHGF]A
?PutSizeExA@@YGPAMPAK]A
?CancelListItem@@YGPAHEPAM]A
?CallSemaphoreExW@@YGGEPA_NPAMG]A
?FormatMessageNew@@YGPA_NPAGIEG]A
?FreeTextA@@YGME]A
?FreeMutantOriginal@@YGGI]A
?ValidateArgumentExA@@YGHDIEPAK]A
?CopyCharOriginal@@YGKHF]A
?GenerateAnchorExW@@YGEIFPAI]A
?InvalidateMediaTypeW@@YGPAXDIE]A
?RemoveModuleOld@@YGDFPAE]A
?GenerateTaskNew@@YGPAHHMJPAF]A
?SendStateEx@@YGKND]A
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.zimp Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 3KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ