306f5f680bc2197010413ad9bed84d55_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

306f5f680bc2197010413ad9bed84d55_JaffaCakes118
Size

222KB
MD5

306f5f680bc2197010413ad9bed84d55
SHA1

d24ab4090d18bbfc0efd03af7c67c061c1fec616
SHA256

d707e73c093b5161c6ba69d42f750a37380820b9fd9191d093fa0b215dabee7e
SHA512

10ba8d83a092167a94c62cdb61667270cf0dce6d75e64475ac4f483362ed6945be7818c88768c66beb122d99730c6a1d0ef1352e37c77b20a3abf473bda87a52
SSDEEP

6144:6x7Dx9wdrzF98djtCQNZVNt124T7Ajkq4Obsyrd+TGd:6xDx0zFgw+VNacWbbsx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
306f5f680bc2197010413ad9bed84d55_JaffaCakes118

Files

306f5f680bc2197010413ad9bed84d55_JaffaCakes118
.exe windows:5 windows x86 arch:x86

700931c139b8a82490a66d8b7e0c8518

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\fsUWhtqvcz\dNjdvOdvLqvj\IePmOfpAkRz\brbfzppov\qhcpogMedKccsj.pdb

Imports

comctl32

ImageList_AddMasked
InitCommonControlsEx
ImageList_Read
CreateToolbarEx
ImageList_Destroy
ImageList_Remove

msvcrt

wcscpy
_controlfp
__set_app_type
__p__fmode
gets
fclose
__p__commode
strpbrk
atoi
_amsg_exit
qsort
wcschr
islower
getenv
strrchr
wcscspn
printf
wcspbrk
wcstok
free
wcstol
_initterm
malloc
strncmp
_acmdln
exit
_ismbblead
iswspace
_XcptFilter
_exit
fgetc
strcspn
iswprint
remove
strspn
_cexit
perror
iswalpha
putc
fflush
wcscat
setlocale
strcoll
__setusermatherr
__getmainargs
iswctype

user32

VkKeyScanW
EnumWindows
UnloadKeyboardLayout
GetDlgItemInt
IsWindowEnabled
CharToOemW
BeginDeferWindowPos
IsDialogMessageA
GetScrollInfo
CharNextW
TrackPopupMenu
DialogBoxIndirectParamA
MapVirtualKeyExW
GetWindowPlacement
HideCaret
CharUpperA
SystemParametersInfoW
SetWindowLongA
IsMenu
LookupIconIdFromDirectory
GetUpdateRect
RegisterClassExA
IsDialogMessageW
RemovePropW
LoadIconW
IsCharLowerA
ClientToScreen
GetDC
GetWindowLongA
ShowWindowAsync
CreatePopupMenu
GetParent
CharUpperBuffA
SendMessageTimeoutA
PostQuitMessage
IsZoomed
SetClassLongW
SetMenuItemInfoW
DefDlgProcA
GetNextDlgGroupItem
GetDlgItem
ReplyMessage
ValidateRect
GetWindowTextLengthW
CharPrevW
InSendMessageEx
SetMenuDefaultItem
LockWindowUpdate
IsCharUpperA
CreateDialogParamW
DrawStateA
GetMessageTime
GetWindowLongW
DestroyWindow
ExitWindowsEx
GetMonitorInfoW
OffsetRect
SetWindowLongW
DrawTextExW
IsCharAlphaNumericW
ChildWindowFromPointEx
DefWindowProcW
GetClassLongA
ShowWindow
OpenInputDesktop
GetMenuCheckMarkDimensions
UpdateWindow
TranslateMessage
GetKeyboardType
EnableScrollBar
GetMessageW
DispatchMessageW
SetMenuItemBitmaps
DragObject
ShowOwnedPopups
ScrollWindow
TranslateAcceleratorA
DestroyCaret
CreateAcceleratorTableW
IsChild
GetMessageExtraInfo
PeekMessageA
InternalGetWindowText
IsWindow
GetMessageA
DrawStateW
FindWindowExA
LoadAcceleratorsA
wsprintfA
IntersectRect
IsWindowVisible
SetScrollInfo
FindWindowW
DefFrameProcW
AdjustWindowRectEx
LoadStringW
InSendMessage
GetAsyncKeyState
GetMenuStringA
ShowCaret
GetKeyState
mouse_event
SwitchToThisWindow
GetUserObjectInformationA
MessageBoxExW
SetCaretPos
SetDlgItemInt
InvalidateRect

kernel32

GetProcAddress
GlobalDeleteAtom
SetMailslotInfo
UnhandledExceptionFilter
GetHandleInformation
SetSystemTime
EnumResourceLanguagesA
GetLastError
GetFileSize
WriteConsoleInputW
SetFileAttributesA
FormatMessageA
EnumResourceNamesW
LoadLibraryA
TlsSetValue
GetCurrentDirectoryW
lstrcatW
GetDateFormatA
SetCurrentDirectoryA
FindFirstFileA
WideCharToMultiByte
GetCurrentProcess
SetFileTime
GetFileAttributesExW
CreatePipe
GetTempPathA
GetTempPathW
HeapCreate
lstrcmpiW
MoveFileW
GetFileAttributesA
GetACP
CloseHandle
IsBadStringPtrW
GetModuleHandleA
EnterCriticalSection
FindNextFileA
SetCommState
QueryPerformanceCounter
GetStdHandle
GetTimeFormatW
GetModuleFileNameW
VerifyVersionInfoW
lstrcpynW
GetCurrentProcessId
SetThreadLocale
HeapSize
GlobalFlags
GetLongPathNameW
SetThreadExecutionState
lstrcmpW
GetThreadTimes
EscapeCommFunction
OpenFileMappingA
GetTimeFormatA

gdi32

Ellipse
ExtFloodFill
CreateFontIndirectW
CreatePenIndirect
BeginPath
EndDoc
SetDIBits
EnumFontFamiliesExW
SetTextColor
Rectangle
GetDIBColorTable
CreateHatchBrush
OffsetViewportOrgEx
ExtTextOutW
CombineRgn
EndPath
GetCurrentObject
SetBitmapBits
SetBkColor
SetWindowExtEx
PatBlt
StartPage
GetBkMode
GetTextCharsetInfo
CreateCompatibleDC
ResizePalette
GetNearestColor
CreateDIBSection
Escape
Polyline
CreateHalftonePalette
GetDeviceCaps
ExcludeClipRect
GetTextExtentPointA
StretchDIBits
CreateRectRgnIndirect
SetROP2
RectVisible
CreateFontW
GetViewportOrgEx
LineDDA
CreateSolidBrush
SetPixel
DPtoLP

Exports

Exports

?WindowOriginal@@YGHFH~U
?EnumWidthOriginal@@YGHK_NH~U
?FindProfileExA@@YGPAEPAGPAJ~U
?OnKeyNameEx@@YGIPAJPAKG~U
?InsertDataA@@YGPAXK~U
?CrtCharNew@@YGXEPADPAHPAH~U
?InstallSectionOld@@YGDKPAF~U
?RemoveHeightA@@YGXPANIPAI~U
?HideListItemA@@YGPAGPAII~U
?DeleteStringW@@YGPA_N_N~U
?GenerateOption@@YGXIMPADK~U
?ProcessOriginal@@YGIDIJ~U
?HideMemoryA@@YGFJPAE_N~U
?OnVersionW@@YGHHPAIM~U
?RemoveModuleW@@YGED~U
?ShowProcessOriginal@@YGJPAN~U
?CallEventEx@@YGXEIIE~U
?ModifyHeaderA@@YGPAII_N~U
?FormatListItemOriginal@@YGXGGHH~U
?ValidateFileExA@@YGXFPAJGPA_N~U
?SetPenNew@@YGNEGPAK~U
?LoadFolderPathExW@@YGGNIPADPAH~U
?CloseFileOld@@YGMEN~U
?FormatObjectOld@@YGDFEPAEJ~U
?CommandLineOld@@YGHFPADHK~U
?RemoveMessageNew@@YGPAKPAE~U
?InsertMutant@@YGXPAIDGF~U
?FindSizeA@@YGPAFEJ~U
?InvalidateAppNameOriginal@@YGFKJJ~U
?SetOptionExA@@YGXK~U
?ShowFullNameW@@YGPAXEFGPAJ~U
?DecrementDeviceEx@@YGEH~U
?LoadMutexOriginal@@YGIHPAF~U
?AddProcessW@@YGPAFPAEKDPAN~U
?IsNotWindowNew@@YGFI~U

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

700931c139b8a82490a66d8b7e0c8518

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 193KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 5KB - Virtual size: 5KB

.bdat1 Size: 512B - Virtual size: 32B

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 774B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 193KB - Virtual size: 193KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 5KB - Virtual size: 5KB

.bdat1
Size: 512B - Virtual size: 32B

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 774B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB