37d913263373287cf62aeb9e47807b99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37d913263373287cf62aeb9e47807b99_JaffaCakes118
Size

221KB
MD5

37d913263373287cf62aeb9e47807b99
SHA1

3c19fff678aab9e95b3d136d5be53e5018d2318e
SHA256

05eae8a47d28e6faf83aaa3e6a3472b7c4644a64efa495ac5c8811d35d56a0d0
SHA512

3bd55bbc5a5d4ddbb9a6d1734eec92be866a97edbad492899eace991ebe35129e6fc760594dfecd2f9a758accb008d5dfff339f0da2a0e065b0e69031698aabe
SSDEEP

3072:byLkZuNPfe7/EhiMsaRHj1A+ilILlRW3OqoqtRyhKq4M1t4YNkU3mSL3G2nIsxc:ekcRWwRGVlILz+OqhtKK6wUrW2d0I5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37d913263373287cf62aeb9e47807b99_JaffaCakes118

Files

37d913263373287cf62aeb9e47807b99_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e685702bd6b5926d4114874b7e4a70b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\rvasKyPntsxxp\pCbctqzn\iqtOzwbifzk\ozcgWQmEyecYc.pdb

Imports

gdi32

ScaleWindowExtEx
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
EndPage
SetDIBitsToDevice
LPtoDP
GetDeviceCaps
CreateHalftonePalette
RealizePalette
CreateBrushIndirect
CreateICW
CreateCompatibleBitmap
Polygon
SelectPalette
BitBlt
GetViewportOrgEx
GetNearestColor
GetTextExtentExPointW
GetROP2
GetCharWidth32W
GetRgnBox
FillRgn
EnumFontFamiliesExW
EndDoc
CreateSolidBrush
CreateDCW
CreatePatternBrush
ExtFloodFill
PtVisible
PolyBezier
GetTextCharsetInfo
TranslateCharsetInfo
SetBkColor
PtInRegion
PathToRegion
LineDDA
CreateRoundRectRgn
DeleteDC
SelectObject
StretchBlt
GetTextExtentPoint32A
AddFontResourceW
RectVisible
CreatePen
CreateBitmap
SetDIBColorTable

kernel32

LoadLibraryW
FileTimeToDosDateTime
LockFile
LocalSize
GetCommState
GetCommProperties
lstrcmpiA
SetFilePointer
OpenEventA
GetThreadLocale
GetOverlappedResult
GetFullPathNameA
OpenFileMappingA
GetFileSize
GetModuleFileNameW
QueryPerformanceCounter
SetFileAttributesA
CreateNamedPipeA
SearchPathW
WriteFile
CancelIo
GetCurrentProcessId
SystemTimeToFileTime
GetCPInfo
SetEndOfFile
HeapSize
GlobalReAlloc
GetLastError
FlushViewOfFile
WriteConsoleInputW
GetFullPathNameW
Sleep
lstrcmpiW
GetCurrentProcess
LocalReAlloc
HeapLock
GetLocaleInfoW
GetModuleHandleW
GetCommConfig
VirtualProtect
FileTimeToLocalFileTime
LCMapStringA
CreateRemoteThread
HeapWalk
CreateEventA
GetNumberFormatW
RaiseException
CloseHandle
OpenFileMappingW
SetErrorMode
GetTimeFormatA
CreateDirectoryW
OpenSemaphoreW
QueryDosDeviceW

user32

CharLowerW
CallWindowProcA
GetClassNameW
GetScrollRange
SetWindowLongW
MapVirtualKeyW
GetWindowTextA
GetMonitorInfoW
UnloadKeyboardLayout
MapVirtualKeyExW
ScrollWindowEx
AttachThreadInput
CreateDialogParamW
SetMenuItemInfoW
GetWindowDC
RegisterClassW
SetScrollInfo
ModifyMenuW
GetClientRect
InflateRect
TranslateMessage
GetMessageExtraInfo
SetCursor
AdjustWindowRect
ActivateKeyboardLayout
UnionRect
GetKeyState
EndPaint
DialogBoxParamA
CharUpperBuffA
SetMenuDefaultItem
GetScrollPos
CreateIconIndirect
RemoveMenu
GetWindowTextLengthW
EnableMenuItem
GetMenuStringA
DrawMenuBar
LoadBitmapW
DestroyCursor
GetMenuStringW
GetSystemMetrics
PostQuitMessage
GetKeyboardType
HideCaret
UpdateWindow
ToUnicodeEx
GetSubMenu
OpenIcon
DispatchMessageW
ClipCursor
DefFrameProcW
GetShellWindow
SetParent
CheckMenuItem
GetUpdateRgn
KillTimer
InvalidateRect
LoadCursorA
CreateAcceleratorTableW
mouse_event
GetIconInfo
PtInRect
TrackPopupMenu
keybd_event
RegisterWindowMessageA
GetClassInfoA
IsWindow
CharToOemA
MessageBoxExA
DrawFrameControl
RegisterClassA
wvsprintfA
SetTimer
SendMessageW
LockWindowUpdate
FindWindowW
CharUpperW
DialogBoxIndirectParamW
IsDlgButtonChecked
DrawAnimatedRects
MessageBoxExW
ShowCursor
EndTask
CreateMenu
BeginPaint
DefDlgProcW
SetRectEmpty
DeferWindowPos
CopyImage
GetClassLongA
SetMenuItemBitmaps
AppendMenuA
FindWindowA
GetClassInfoExA
GetKeyboardLayout
DestroyMenu
GetMenuItemCount
SetForegroundWindow
MessageBoxA
ArrangeIconicWindows
SendMessageA
RemovePropW
CreateCursor
GetMenuState
DestroyCaret
ShowWindow
WaitForInputIdle
SetUserObjectInformationW
LookupIconIdFromDirectory
DrawTextExW
SetScrollRange

msvcrt

_controlfp
strchr
__set_app_type
__p__fmode
wcscoll
__p__commode
mbtowc
rand
gets
fputc
isspace
free
_amsg_exit
wcsrchr
ftell
isalnum
atoi
wcscmp
sprintf
wcschr
_initterm
_acmdln
strspn
getenv
srand
wcstod
tolower
isxdigit
strpbrk
floor
iswprint
iswctype
exit
islower
remove
_ismbblead
_XcptFilter
isprint
wcstol
_exit
_cexit
printf
__setusermatherr
__getmainargs
strncmp
clearerr

comdlg32

ReplaceTextW
CommDlgExtendedError
GetSaveFileNameW
GetSaveFileNameA

Exports

Exports

?ShowProfileEx@@YGNFPADPAJ~U
?IsNotMonitorW@@YGPAGJIPAI~U
?SendScreenW@@YGDJPAGK~U
?IsNotPointNew@@YGNJMH~U
?CopyThread@@YGPAMMKG~U
?EnumMutantA@@YGPAXPAJH~U
?IncrementListEx@@YGMPAEIJE~U
?DecrementComponentExW@@YGGGEFD~U
?GenerateMonitorW@@YGHEJIE~U
?FindAnchorEx@@YGPAJEEFPAG~U
?CopyProcessNew@@YGPAFMKM~U
?FindRectEx@@YGENIK~U
?RemoveObjectW@@YGHIPAI~U
?GlobalListItemOld@@YGPAFJ~U
?RemoveClassExA@@YGMJF~U
?ValidateFolderA@@YGPAHPADKPAMM~U
?IncrementProfileA@@YGNH~U
?SetEventW@@YGPAXPAMPAI~U
?LoadDataExW@@YGIN~U
?PutModuleNew@@YGXF~U
?GenerateEventEx@@YGFFPAG~U
?FindTaskNew@@YGPAMG~U
?GlobalKeyNameA@@YGXH~U
?OnStringA@@YGPAMEMIH~U
?DeviceExA@@YGHIGPAJI~U
?ValidateWidthExA@@YGMPAJE~U
?RemoveObjectExW@@YGPAHFGNM~U
?DeleteWindowOld@@YGXKHPAFPAG~U
?SendPointW@@YGX_NI~U
?ModifyOptionExW@@YGPAXJ~U
?CopyConfigOld@@YGPAFPAD~U
?HidePointA@@YGPAXPAHPAJ~U
?SendExpressionNew@@YGPANPAG~U
?ShowValueOld@@YGPADG~U

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 805B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e685702bd6b5926d4114874b7e4a70b8

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

msvcrt

comdlg32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 192KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 5KB - Virtual size: 5KB

.bdat1 Size: 512B - Virtual size: 32B

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 805B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 192KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 5KB - Virtual size: 5KB

.bdat1
Size: 512B - Virtual size: 32B

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 805B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB