34a269dc2e8d689e7d58b390851f8cb9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

34a269dc2e8d689e7d58b390851f8cb9_JaffaCakes118
Size

216KB
MD5

34a269dc2e8d689e7d58b390851f8cb9
SHA1

bef18c180fb77b43b0abf7ca5d0df9a5f1b65988
SHA256

fd89cc2bcc220dbe210b9b3c8e20deee7b8a6743ddc8bfe51d6c66b68d5f0f6d
SHA512

004183bc1959ab0db76e74c3e03dc09e6ba2aa743e6a50b0b1d75f5821740cfad58560a41edc0a33bb916913007fbecc4bd46e47c593ffecb5c6ab81be708d99
SSDEEP

6144:GA9WbPumF1zSazKctqqWAMLXWmuE82RlvW:x9cPumFptKQpWAMLp82Rlv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34a269dc2e8d689e7d58b390851f8cb9_JaffaCakes118

Files

34a269dc2e8d689e7d58b390851f8cb9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

33a4da0f8c2bd1ad098334435c3686c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\zGrMokhcg\IXMhPOher\axueztywGv.pdb

Imports

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_Draw
ImageList_GetIcon
ImageList_SetIconSize

gdi32

LPtoDP
SetTextAlign
SetROP2
GetBitmapBits
IntersectClipRect
EnumFontFamiliesW
GetLayout
RestoreDC
SetWindowExtEx
GetWindowOrgEx
GetROP2
GetTextExtentPoint32W
CreatePen
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
GetTextCharsetInfo
CreateBitmapIndirect
RoundRect
Escape
CreateRectRgn
GetPixel
Polygon
CreateDiscardableBitmap
DeleteObject
DeleteDC
StretchBlt
SetRectRgn
GetDIBits
GetRgnBox
LineDDA
SetPaletteEntries
GetTextExtentExPointW
DPtoLP
CreateICW

msvcrt

wcstombs
setlocale
strchr
strpbrk
strncpy
wcscat
fwrite
isxdigit
isspace
wcscoll
strcpy
ftell
_controlfp
fread
vswprintf
towupper
__set_app_type
__p__fmode
wcsstr
remove
__p__commode
_amsg_exit
iswdigit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
isupper
_exit
wcstod
_cexit
time
fputc
strcoll
wcsncmp
__setusermatherr
floor
__getmainargs
wcslen

kernel32

SetNamedPipeHandleState
lstrcmpA
RaiseException
MoveFileExW
WriteFile
LocalSize
FlushFileBuffers
SetThreadPriority
GetSystemWindowsDirectoryW
GetCommTimeouts
GetCurrentDirectoryW
GetUserDefaultUILanguage
GlobalCompact
IsBadWritePtr
LeaveCriticalSection
InitializeCriticalSection
DeleteFileW
DeleteFileA
SetThreadExecutionState
SetFilePointer
SetLastError
CreateWaitableTimerW
GetModuleHandleW
FindFirstChangeNotificationW
GetUserDefaultLangID
MultiByteToWideChar
RegisterWaitForSingleObject
GetFullPathNameA
MulDiv
GlobalAddAtomA
GetFullPathNameW
MoveFileA
SizeofResource
SetSystemTimeAdjustment
SetFileApisToOEM
IsDBCSLeadByteEx
GetCompressedFileSizeW
GetLocaleInfoW
LoadLibraryExW
ClearCommError
SetHandleInformation

user32

CopyImage
DeleteMenu
SwapMouseButton
InsertMenuItemW
ShowOwnedPopups
LoadMenuW
DefFrameProcA
LoadImageA
MapVirtualKeyW
CreateCursor
CharUpperBuffA
ArrangeIconicWindows
EnableMenuItem
SendMessageA
MonitorFromRect
CreateIconIndirect
AttachThreadInput
ChangeMenuW
SetWindowTextA
InvertRect
CharNextA
GetCursorPos
SetScrollInfo
EnumChildWindows
GetTopWindow
BringWindowToTop
BeginPaint
SendNotifyMessageW
DrawMenuBar
ScreenToClient
GetDCEx
IsCharAlphaNumericW
UnionRect
SetUserObjectInformationW
IsMenu
SendDlgItemMessageW
GetDesktopWindow
IsCharAlphaW
ChildWindowFromPointEx
ClipCursor
DrawAnimatedRects
ChildWindowFromPoint
GetActiveWindow
DestroyMenu
GetParent
GetForegroundWindow
DrawTextW
SendDlgItemMessageA
CopyRect
CharLowerBuffW
LoadAcceleratorsA
AppendMenuW
WaitForInputIdle
GetUserObjectInformationA
CharLowerA
GetWindowLongA
wvsprintfA
LoadBitmapA
GetMenuItemCount
IsWindowVisible
GetSubMenu
DrawEdge
CallWindowProcW
DrawFrameControl
DrawStateW
ShowWindow
WindowFromPoint
DrawStateA
SystemParametersInfoW
UnloadKeyboardLayout
DestroyWindow
MapDialogRect
LoadBitmapW
InsertMenuW
RegisterHotKey
InvalidateRect
GetKeyState
LoadCursorW
RemovePropW
SetCaretPos
OemToCharA
GetLastActivePopup
GetClassInfoExW
IsWindowUnicode
SendInput
DialogBoxParamA
OffsetRect
IsZoomed

Exports

Exports

?OnClassW@@YGFPAMPAFPAE&U
?OnValueNew@@YGMPAEJD&U
?SetMessage@@YGIKPAEPAGH&U
?FindTimerExA@@YGIGK&U
?FreeSystem@@YGXDD&U
?LoadMemoryExW@@YGXPAD&U
?CancelProject@@YGJPADNG&U
?EnumCharExA@@YGXPAH&U
?EnumMutexExW@@YGGKFJ&U
?SetFolderExA@@YGPAXFPAK_N&U
?MemoryOld@@YGXNPAIPAM&U
?CallSemaphoreNew@@YGPAXPAJIPAFF&U
?CrtFolderNew@@YGMPAEGDPAK&U
?IsWindowNew@@YGPAJI&U
?CopyArgumentNew@@YGNPAIPAGPAMPAE&U
?IsMutexOriginal@@YG_NFDPA_N&U
?DecrementTaskExA@@YGKPAJEN&U
?EnumProviderNew@@YG_NDHJPAE&U
?ValidateListOriginal@@YGEPAKPAMK&U
?FindClassNew@@YGKPAD&U
?GenerateCommandLineA@@YGPAFHPAD&U
?InsertCharOriginal@@YGPAKFPAH&U
?CrtTextEx@@YGNPAME&U
?KillFileExW@@YGIKPAE&U
?SetModuleExA@@YGXPAKMMK&U
?CopyMessageNew@@YGPAJDHPA_ND&U
?GetProfileExA@@YGPADPANMHPAE&U
?ModifyTimeA@@YGXNJE&U
?FreeFolderPathOld@@YGPAFPAD_N&U
?CopyDateEx@@YGPA_NPAHGPAF&U
?InsertListItemOld@@YGFNH&U
?DecrementDialogExW@@YGHI&U
?CrtModuleA@@YGXMGPAN&U
?IsValidVersion@@YGXJ&U
?OnVersionNew@@YGPAKPAHKPAGPAK&U
?IsNotScreenOld@@YGNPADDPAM&U
?SendAnchorOriginal@@YGPAXPAK_NPAF&U
?CopyStateExW@@YGXDPAK&U
?LoadListItemExA@@YGJH_N&U

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33a4da0f8c2bd1ad098334435c3686c5

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 78KB

.imdat Size: 1024B - Virtual size: 856B

.edata Size: 2KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 64KB

.rsrc Size: 112KB - Virtual size: 112KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 78KB - Virtual size: 78KB

.imdat
Size: 1024B - Virtual size: 856B

.edata
Size: 2KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 64KB

.rsrc
Size: 112KB - Virtual size: 112KB

.reloc
Size: 2KB - Virtual size: 1KB