305122a847cd62e2331d860ca40ff16e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

305122a847cd62e2331d860ca40ff16e_JaffaCakes118
Size

241KB
MD5

305122a847cd62e2331d860ca40ff16e
SHA1

6bc1239edcdef063fd8ab7eba9ccd1d6954bd23e
SHA256

5597c4d9c780e3cc982ba4c6c23ec58f0710580bb0b73c0a96d4be004c4a546e
SHA512

53b0b2a4750b573b6a39fc53c9d24c0c44c43a414117b5a8f2a74ad1019a38af826768b6430e9b19b02eac0a2f918f52b508d74c904cfb8bb6ab48ddcfe57a7c
SSDEEP

6144:XehweupuARIMAUjGIE7Qt8sY0h6nxGIKAxaRV:XehvuPAKGIEUusY0ojrIV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
305122a847cd62e2331d860ca40ff16e_JaffaCakes118

Files

305122a847cd62e2331d860ca40ff16e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

179eda867a489cd0b60b7f111465bda6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\ruefhIqT\hZgjxjyQ\kalgqLh\lSKzbjbs.pdb

Imports

user32

GetClipCursor
MessageBoxA
GetDlgItemTextA
keybd_event
SendNotifyMessageW
GetMenuItemRect
SendMessageW
RedrawWindow
GetLastActivePopup
DialogBoxIndirectParamA
OpenIcon
ClipCursor
mouse_event
AppendMenuA
IsCharAlphaNumericW
SetForegroundWindow
FrameRect
EnableScrollBar
DrawTextW
MapWindowPoints
GetWindowPlacement
wvsprintfA
ShowCaret
SetCursor
DialogBoxIndirectParamW
GetScrollRange
SwitchToThisWindow
RegisterClassW
CallWindowProcA
RegisterWindowMessageA
DeferWindowPos
CreateIconIndirect
GetClassInfoW
CreateMenu
wvsprintfW
LoadMenuW
DestroyIcon
AllowSetForegroundWindow
GetClientRect
GetUpdateRect
CharPrevW
IsWindowUnicode
DestroyWindow

kernel32

CreateFileMappingA
IsBadWritePtr
LeaveCriticalSection
LoadLibraryW
WaitForSingleObject
CompareStringW
SearchPathA
lstrlenA
GetLocaleInfoA
ReleaseSemaphore
GetModuleHandleA
GlobalUnlock
FindClose
EnumResourceLanguagesA
ExitThread
GetSystemWindowsDirectoryW
GetSystemDirectoryW
FindNextChangeNotification
MapViewOfFile
CreateDirectoryA
LocalFree

shlwapi

StrCatBuffA
StrToIntExA

msvcrt

_controlfp
__set_app_type
__p__fmode
isxdigit
mktime
wcscmp
__p__commode
fgetc
towlower
_amsg_exit
_initterm
wcsrchr
swprintf
_acmdln
exit
isprint
_ismbblead
_XcptFilter
_exit
fseek
wcscspn
_cexit
wcspbrk
__setusermatherr
__getmainargs
ungetc

gdi32

Escape
SetBitmapBits
CreateBrushIndirect
SetBkMode
CreateFontA
GetLayout
SetDIBitsToDevice
ExcludeClipRect
GetDIBColorTable
CreateICW
RoundRect
ScaleWindowExtEx
SetDIBColorTable
AddFontResourceW
CombineRgn
ExtFloodFill
SelectObject
SetROP2

Exports

Exports

?AddConfigW@@YGJPAI~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?IncrementDirectoryW@@YGPAEEF~U
?AddPenExW@@YGDJ~U
?LoadFolderPathOld@@YGPAKKIPAE~U
?SendSizeA@@YGPAJMEPADE~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kip
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 512B - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

179eda867a489cd0b60b7f111465bda6

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

shlwapi

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.ticx Size: 2KB - Virtual size: 2KB

.kip Size: 512B - Virtual size: 492B

.ticy Size: 512B - Virtual size: 442B

.zdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.heap Size: - Virtual size: 188KB

.rsrc Size: 210KB - Virtual size: 209KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.ticx
Size: 2KB - Virtual size: 2KB

.kip
Size: 512B - Virtual size: 492B

.ticy
Size: 512B - Virtual size: 442B

.zdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.heap
Size: - Virtual size: 188KB

.rsrc
Size: 210KB - Virtual size: 209KB

.reloc
Size: 1KB - Virtual size: 1KB