2f667c92c1525487478a1e9dc1b2ae6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f667c92c1525487478a1e9dc1b2ae6a_JaffaCakes118
Size

219KB
MD5

2f667c92c1525487478a1e9dc1b2ae6a
SHA1

c891cac70273967003468e82401a072c3140d1a3
SHA256

ce43a47412fe0d0c4ec1e113b42389ce403178f82a8d43dc0ad5fe0841b290d0
SHA512

a2372520c96fa1dcfba8918193f0e96f8159ecbe89c51269990f721300f10654ebb145c677ecc84a1df8248a9e4637711be16fbf05025439c369f3dc26717683
SSDEEP

6144:GwdRTEUT9VL+lgRp2vcvrirgy4n0mTDKG047LndM:3RwUTXC84rgMMGiLnG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f667c92c1525487478a1e9dc1b2ae6a_JaffaCakes118

Files

2f667c92c1525487478a1e9dc1b2ae6a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1b06a680ee6b89342f9bf8cccd49ac41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\YkauepZl\cSoccyc\wheZXinfhEyPai\KzwtLavm.pdb

Imports

comctl32

ImageList_Create
PropertySheetW
ImageList_SetIconSize
ImageList_LoadImageW
CreatePropertySheetPageW
ImageList_Write

msvcrt

_controlfp
__set_app_type
putc
toupper
isalpha
setvbuf
__p__fmode
islower
fprintf
sscanf
wcspbrk
wcstok
strcspn
__p__commode
_amsg_exit
_initterm
mbtowc
qsort
localtime
iswspace
strcpy
isdigit
_ismbblead
wcsncpy
strchr
fwrite
strncmp
strerror
strtol
isxdigit
isalnum
ungetc
mbstowcs
realloc
iswdigit
clock
strrchr
_XcptFilter
puts
_exit
_cexit
bsearch
__setusermatherr
__getmainargs

gdi32

MoveToEx
EndDoc
EndPage
GetDIBits
SetDIBits
GetTextExtentPointW
SelectPalette
GetTextExtentPoint32A
CreateCompatibleDC
CombineRgn
CreateBitmapIndirect
CreateRectRgnIndirect
TextOutA
EnumFontFamiliesW
SetAbortProc
RectVisible
SetViewportExtEx
GetNearestPaletteIndex
SetBitmapBits
SetBrushOrgEx
PtInRegion
CreateBitmap
CreatePalette
TextOutW
GetCharWidth32W
SetBkColor
GetROP2
SetPixel
SelectObject
GetObjectA
GetTextColor
SetROP2
GetPaletteEntries
CreateDIBitmap
SetDIBitsToDevice
GetSystemPaletteEntries
SetMapMode
GetViewportOrgEx
ScaleViewportExtEx
SetViewportOrgEx
GetMapMode
RealizePalette
CreatePen
GetTextAlign

comdlg32

GetFileTitleW
GetOpenFileNameW
FindTextW
GetOpenFileNameA
GetSaveFileNameA

user32

GetDlgItemTextW
AllowSetForegroundWindow
DispatchMessageA
GetScrollRange
DestroyAcceleratorTable
SetDlgItemTextA
CharUpperA
SetRect
IsWindowUnicode
IsDialogMessageW
ShowCaret
SetActiveWindow
CheckDlgButton
PostMessageA
LoadImageA
BeginPaint
SetScrollPos
AdjustWindowRect
GetClassInfoExA
CharToOemBuffA
GetMessageExtraInfo
DialogBoxParamA
GetMenuItemID
GetClassNameW
GetParent
TrackPopupMenu
MapDialogRect
EnableScrollBar
wsprintfW
InternalGetWindowText
IsChild
BringWindowToTop
GetWindowTextW
GetFocus
GetMessageTime
PeekMessageA
RegisterWindowMessageW
TrackPopupMenuEx
ScrollWindowEx
GetMenuItemCount
SetMenuItemBitmaps
CharPrevW
LockWindowUpdate
IsWindowVisible
LoadStringA
GetKeyState
PostThreadMessageW
ChangeMenuW
SetWindowRgn
SetWindowTextW
SetTimer
LoadCursorA
CharLowerW
InsertMenuItemW
LoadAcceleratorsA
IsIconic
GetWindowDC
GetMenuState
CharLowerBuffW
ShowWindowAsync
GetClipCursor
GetSysColor
EndTask
FindWindowExA
GetCaretPos
UpdateWindow
KillTimer
GetMonitorInfoW
InflateRect
SetScrollInfo
GetUpdateRect
EnumChildWindows
RemoveMenu
GetClientRect
IsCharAlphaW
CreateCursor
GetKeyboardLayout
TranslateMessage
MonitorFromRect
DrawFrameControl
CreateDialogParamW
GetMenuItemRect
DialogBoxIndirectParamW
wsprintfA
UnloadKeyboardLayout
DrawEdge
MapWindowPoints
DialogBoxParamW
CharToOemA
GetKeyboardLayoutNameW
IsDialogMessageA
LoadImageW
MapVirtualKeyExW
SetCursorPos
CharUpperBuffA
LoadIconA
GetCursorPos
HideCaret
DeleteMenu
GetSystemMetrics
AppendMenuA
CallWindowProcA
CheckMenuItem
DialogBoxIndirectParamA
DefWindowProcA
SendDlgItemMessageW
CharNextW
CopyAcceleratorTableW
GetSysColorBrush

psapi

GetProcessImageFileNameW

kernel32

GetDateFormatW
AddAtomW
ReadFile
ClearCommBreak
RemoveDirectoryA
GlobalCompact
IsValidLocale
GetProcessHeap
PulseEvent
UnlockFile
DefineDosDeviceW
GetSystemDefaultUILanguage
SetFileAttributesA
GetWindowsDirectoryA
FindCloseChangeNotification
GetTimeFormatA
VirtualProtect
GetFullPathNameW
GetModuleHandleW
LoadResource
GlobalHandle
ResumeThread
HeapAlloc
GetHandleInformation
GetVersion
SetHandleCount
HeapWalk
GetModuleFileNameW
GetStartupInfoA
TryEnterCriticalSection
GetSystemInfo
FindNextFileW
GetTempPathA
GetFullPathNameA
FindResourceW
GetStdHandle
CreateFileMappingW
SetFilePointer
HeapFree
GlobalMemoryStatusEx
FlushViewOfFile
EnumResourceLanguagesA
IsBadReadPtr
GetThreadLocale
lstrcpyW
GetCommTimeouts
SetErrorMode
FreeResource
GlobalUnlock
GlobalAddAtomA
CreateDirectoryA
GetThreadContext
lstrcatW
GetSystemDirectoryA
GetOverlappedResult

Exports

Exports

?CallProviderW@@YGPAHHPAFPAJI]A
?DeleteCommandLineOriginal@@YGKH]A

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b06a680ee6b89342f9bf8cccd49ac41

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

gdi32

comdlg32

user32

psapi

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 192KB

.packed Size: 13KB - Virtual size: 13KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 192KB

.packed
Size: 13KB - Virtual size: 13KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB