2fff8b999852c28eef05442d45868d72_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fff8b999852c28eef05442d45868d72_JaffaCakes118
Size

213KB
MD5

2fff8b999852c28eef05442d45868d72
SHA1

605f935438c6adde08b061bb18b9a05c4e231a83
SHA256

e687c7c3089502f88b6fc2327fefe8636917d0121377b7f11b4bf5dd0fa3d2bb
SHA512

edeb3184b704dbe926d57244d2469ccbe2ec8b374379cb2d2f7f0bc9a0ecf28b8a1995e78b3aaf485498ba11ba72a44d49d20e32ccb8e5ba4d96f18e29cb8d89
SSDEEP

3072:2M6RKdsgusM3RHPTwuHWS7oabqunRav+j/zf3s9L6ZNq8Fjvn7gpmTEemLs:L6RKdlsRTwu97om/NKQBYbg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fff8b999852c28eef05442d45868d72_JaffaCakes118

Files

2fff8b999852c28eef05442d45868d72_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b61abdd665e3a2044874b56df7974858

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\gDBOqfAgjF\euolxgRGxmSjph\LkbPmvx\pzwjyfux.pdb

Imports

msvcrt

ungetc
_controlfp
__set_app_type
sscanf
rand
strrchr
strchr
__p__fmode
isdigit
getc
__p__commode
_amsg_exit
_initterm
isupper
_acmdln
exit
fread
_ismbblead
strcoll
atoi
_XcptFilter
iswdigit
vsprintf
fgetc
gets
strtoul
_exit
printf
wcstok
_cexit
srand
isspace
fputc
__setusermatherr
__getmainargs
fclose
tolower
fputs

comctl32

DestroyPropertySheetPage
ImageList_Create
CreateStatusWindowW
ImageList_Destroy
CreatePropertySheetPageA

kernel32

Sleep
lstrlenA
SearchPathA
CancelWaitableTimer
WaitForSingleObject
GetAtomNameA
MoveFileExA
CallNamedPipeW
HeapFree
GlobalMemoryStatusEx
VerSetConditionMask
LoadResource
GlobalHandle
GetComputerNameExA
GetSystemDefaultUILanguage
SetEndOfFile
LCMapStringA
GetTickCount
GetSystemWindowsDirectoryA
DeleteFileA
GetSystemTime
FindCloseChangeNotification
CopyFileA
OpenFileMappingW
CreateSemaphoreA
MultiByteToWideChar
MoveFileExW
GetCommConfig
RemoveDirectoryA
lstrcpyW
IsBadStringPtrW
BuildCommDCBAndTimeoutsW
SetMailslotInfo
IsBadReadPtr
LocalUnlock
MapViewOfFile
GetComputerNameW
LoadLibraryExW
GetDateFormatA
FindFirstChangeNotificationW
ReleaseMutex

gdi32

GetSystemPaletteEntries
SetDIBits
GetROP2
CreateCompatibleDC
GetCharWidth32W
SetTextAlign
GetDIBColorTable
ExtTextOutA
ResizePalette
SetRectRgn
DPtoLP
DeleteDC
CreateSolidBrush
SelectPalette
CreateEllipticRgnIndirect
EndPath
EnumFontFamiliesW
SetViewportOrgEx
CreateRoundRectRgn
CreateDIBitmap
GetTextExtentPointW
SetTextColor
CreatePolygonRgn
SetBitmapBits
GetDeviceCaps
GetWindowOrgEx
GetBitmapBits
CreateBitmapIndirect
TextOutW
GetObjectA
SetLayout
Escape
GetNearestPaletteIndex
SetBkColor
GetTextMetricsW

user32

CharUpperW
RegisterClassW
GetClassInfoExW
SetCursor
RegisterClassA
PostThreadMessageA
SetPropW
TileWindows
SetRectEmpty
DestroyIcon
OemToCharBuffA
ShowScrollBar
EnableScrollBar
MapVirtualKeyA
IsWindow
DrawTextExW
GetNextDlgTabItem
DefFrameProcA
FillRect
CheckMenuItem
PeekMessageA
IsCharAlphaW
DrawFocusRect
DestroyWindow
keybd_event
TrackPopupMenuEx
GetWindowPlacement
AdjustWindowRect
GetClassLongA
DrawTextW
RemovePropW
GetNextDlgGroupItem
CharNextW
KillTimer
InSendMessage
mouse_event
GetKeyState
GetDlgItemInt
CreateIconFromResource
CascadeWindows
TranslateAcceleratorA
WindowFromPoint
VkKeyScanW
GetScrollInfo
CreateCursor
IsZoomed
CallWindowProcW
LoadCursorA
CharPrevW
SetWindowPlacement
AdjustWindowRectEx
InsertMenuA
ExitWindowsEx
GetClassLongW
GetKeyNameTextW
HideCaret
LoadCursorW
DragObject
InSendMessageEx
GetWindowTextW
GetDlgItemTextW
GetClassNameW
ReleaseDC
CheckMenuRadioItem
CharUpperBuffW
SetScrollInfo
GetKeyboardLayout
GetMenuItemRect
CallWindowProcA
WaitForInputIdle
GetKeyboardType
GetFocus
CharLowerW
SendMessageA
CharNextExA
CreateDialogParamW
CharPrevA
DrawFrameControl
SwapMouseButton
DeleteMenu
GetCursorPos
CopyRect
SendDlgItemMessageA
wvsprintfW
SetMenuDefaultItem
GetMenu

comdlg32

PrintDlgExW
GetSaveFileNameW
FindTextW
PageSetupDlgW
GetFileTitleW

Exports

Exports

?WaitForMultipleObjectsIUIUDSiuld@@YGKEPA_WG@Z
?WaitForMultipleObjectsJUDiuDLIJU@@YGKEPA_WG@Z
?WaitForMultipleObjectsUYDyudkjh@@YGKEPA_WG@Z
?WaitForSingleObjectYDEyuhgDU6d@@YGKEPA_WG@Z

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b61abdd665e3a2044874b56df7974858

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

kernel32

gdi32

user32

comdlg32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 74KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 66KB

.rsrc Size: 115KB - Virtual size: 114KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 66KB

.rsrc
Size: 115KB - Virtual size: 114KB

.reloc
Size: 2KB - Virtual size: 1KB