32cadf2312fd4f52221bc9850dc49976_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

32cadf2312fd4f52221bc9850dc49976_JaffaCakes118
Size

148KB
MD5

32cadf2312fd4f52221bc9850dc49976
SHA1

b3f65521abd260bcf4fbd36246f47e14d45a6259
SHA256

7772f4773dabae424db801e7eff64b3b44353ca35d2171f8e145bf5e65261517
SHA512

71c52e19cdb28dad5ee7ea3d318519440920f025968b1ff775f2af1fc598ef388bbb2e601acb775c7ed14907c738b70ea0f3bce8150b5ba8c626a3e81a9e5ab7
SSDEEP

3072:lFsuOungxL7tRPE3BHM8QhsoZeSY9SPxdlrDp8gXuEG4P:6r83BTQuoUYxdlp8QF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32cadf2312fd4f52221bc9850dc49976_JaffaCakes118

Files

32cadf2312fd4f52221bc9850dc49976_JaffaCakes118
.dll windows:5 windows x86 arch:x86

58db4418ee9cbfe3c6c82c71552567b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

T:\hOtlZRKKa\NliZwtwdSdqVNt\ioXrwoi\ouomQklpfkRlM.pdb

Imports

msvcrt

wcsrchr
sscanf
towlower
atol
strerror
remove
fprintf
_controlfp
ftell
__set_app_type
__p__fmode
__p__commode
wcschr
_amsg_exit
fwrite
wcsncpy
wcsncmp
mbstowcs
wcstoul
_initterm
fputc
isprint
fclose
_ismbblead
localtime
strchr
perror
isspace
strcpy
floor
swscanf
_XcptFilter
_exit
iswctype
_cexit
vsprintf
__setusermatherr
strncpy
wcsstr
isdigit
iswdigit
mktime
realloc
wcstod
__getmainargs
strstr
strpbrk

kernel32

OutputDebugStringA
ReleaseMutex
FindCloseChangeNotification
GetThreadLocale
GlobalFlags
GlobalGetAtomNameA
GetTempFileNameW
GetComputerNameExW
EnumResourceNamesA
OpenEventA
VirtualFree
EnumSystemLocalesA
GetProcAddress
lstrcpyW
UnlockFile
GlobalFindAtomW
lstrcatA
MoveFileExW
lstrcpynA
GetLastError
GetTempPathA
FindFirstFileW
LoadLibraryA
SetFileTime
GlobalHandle
CancelIo
CompareFileTime
EnumResourceTypesA
GetStringTypeExW
LocalSize
CreateFileW
GetSystemDirectoryA
lstrcmpiW
EnumResourceNamesW
GetSystemWindowsDirectoryA
GetCommProperties
SetPriorityClass
LCMapStringA
DisconnectNamedPipe
GetOEMCP
GlobalUnlock
GetLocalTime
LeaveCriticalSection
SetFileAttributesA
ReleaseSemaphore
UnhandledExceptionFilter
GetVersionExA
SetHandleInformation
GetUserDefaultLCID
FindNextFileA
LockResource
IsValidLocale

user32

LoadCursorW
DrawFocusRect
CreateMenu
GetUpdateRgn
DialogBoxParamW
SendDlgItemMessageW
CascadeWindows
GetMessageExtraInfo
ChangeMenuW
DestroyWindow
SetWindowTextW
ChildWindowFromPoint
CharToOemW
SetMenu
MessageBoxExW
GetNextDlgGroupItem
PostQuitMessage
PostMessageA
LoadMenuW
LoadIconA
BeginPaint
ShowCaret
DispatchMessageW
UpdateWindow
TranslateMessage
GetClipCursor
GetClassInfoExA
GetWindowPlacement
DestroyCaret
SendMessageA
CharLowerBuffW
DrawMenuBar
SetMenuDefaultItem
GrayStringW
ClipCursor
ModifyMenuW
GetIconInfo
DrawStateW
GetCursorPos
CharNextExA
SystemParametersInfoW
AppendMenuW
DrawIconEx
wsprintfW
GetMenuItemCount
CharUpperBuffW
GetKeyNameTextW
GetSystemMetrics
RegisterWindowMessageA
CreateDialogParamA
GetWindowLongA
DestroyMenu
IsWindowUnicode
GetKeyboardLayout
SetPropW
GetMessageW
InflateRect
LoadStringA
LookupIconIdFromDirectory
GetClassInfoExW
MessageBoxW
PeekMessageA
DialogBoxIndirectParamA
SetCursorPos
wsprintfA
MessageBoxExA
PostMessageW
LoadBitmapW
CreateCursor
GetCaretPos
LoadAcceleratorsA
CheckDlgButton
IntersectRect
BringWindowToTop
MapVirtualKeyA
ScreenToClient
GetFocus
SetWindowPlacement
DrawAnimatedRects
LoadStringW
DefWindowProcA
IsCharAlphaW
DefDlgProcW
CheckRadioButton
GetClassLongW
GetPropW
CharUpperA
OpenIcon
CallWindowProcA
InsertMenuItemW
GetTopWindow
IsDialogMessageW
SetMenuItemBitmaps
GetKeyState
CheckMenuItem
LoadAcceleratorsW
ReplyMessage
SetDlgItemInt
DrawStateA
SetActiveWindow
SwitchToThisWindow
DefFrameProcA
IsWindow
GetDlgItem
GetParent
FillRect
LoadIconW
GetWindowTextA
SetScrollInfo
LoadImageW
SendDlgItemMessageA
DialogBoxParamA
SetWindowRgn
GetMessageTime
RegisterClassW
RemoveMenu
IsWindowVisible

comctl32

CreateToolbarEx
PropertySheetA
ImageList_ReplaceIcon
ImageList_Remove
DestroyPropertySheetPage
InitCommonControlsEx

comdlg32

ChooseColorW
GetOpenFileNameW
FindTextW
ReplaceTextW
GetOpenFileNameA
GetSaveFileNameW

shlwapi

StrToIntW

Exports

Exports

H99:O
?RedirectOutput@@YGK_KHE:O

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.etab
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.input
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58db4418ee9cbfe3c6c82c71552567b9

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

comctl32

comdlg32

shlwapi

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.itab Size: 6KB - Virtual size: 5KB

.etab Size: 512B - Virtual size: 101B

.input Size: 512B - Virtual size: 128B

.data Size: 2KB - Virtual size: 167KB

.rsrc Size: 117KB - Virtual size: 116KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.itab
Size: 6KB - Virtual size: 5KB

.etab
Size: 512B - Virtual size: 101B

.input
Size: 512B - Virtual size: 128B

.data
Size: 2KB - Virtual size: 167KB

.rsrc
Size: 117KB - Virtual size: 116KB

.reloc
Size: 1KB - Virtual size: 1KB