391e0a135c53ce1dcb0415ac3896b5e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

391e0a135c53ce1dcb0415ac3896b5e4_JaffaCakes118
Size

216KB
MD5

391e0a135c53ce1dcb0415ac3896b5e4
SHA1

18afa853c021d2c240fba32d288ccd2e012d6544
SHA256

cfad8588a63dc901c7b662d4425999d94ac9f9ec797c3cba27640bf1de5638db
SHA512

d4e79793180e322dfc80307fe7058c82853a5e490bdcc32ad81370960dc3f6b2fa14c37545420fd7c744494cfdb12d8d0e438d5ecc1e6d9bfdb8e22ca640a0a2
SSDEEP

3072:/eDUxjd+H4Mrbf+ZHhLjvDLkml2hHYbaHNEUbgM6RO+71PJ7J4lftW4UCYGgSVC5:WDWJMHmZhbfkW2hHYbPTL7ZvCYBt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
391e0a135c53ce1dcb0415ac3896b5e4_JaffaCakes118

Files

391e0a135c53ce1dcb0415ac3896b5e4_JaffaCakes118
.dll windows:5 windows x86 arch:x86

61a4610580a551d7cf2e6d9ec8e89bd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

T:\WECmZovgZjexkZ\thvtzfpg\xetbgsxoxoILl\ezmhOLluP.pdb

Imports

user32

SetClassLongW
SetWindowLongW
CreateDialogIndirectParamW
OemToCharA
GetShellWindow
RegisterWindowMessageA
MoveWindow
GetUpdateRect
SetPropW
DrawStateW
GetCaretPos
IsCharLowerA
LoadImageW
ClientToScreen
DefDlgProcA
CheckMenuRadioItem
GetKeyboardLayoutNameW
GetDlgItemTextW
CheckDlgButton
SetCursor
GetMenuContextHelpId
SetForegroundWindow
SetCaretPos
SetSysColors
GetActiveWindow
DrawTextExW
SetCursorPos
RedrawWindow
DestroyAcceleratorTable
InternalGetWindowText
IsWindow
AdjustWindowRect
DrawEdge
GetFocus
FillRect
EndDialog
DestroyCursor
GetTopWindow
WaitMessage
DrawIconEx
GetDialogBaseUnits
SetDlgItemTextA
DialogBoxParamA
EnumChildWindows
ScrollWindowEx
CharToOemBuffA
GetKeyState
DestroyMenu
TrackPopupMenuEx
ToUnicodeEx
IsCharAlphaW
GetMenuItemID
CharUpperA
IsDialogMessageA
DeferWindowPos
wvsprintfW
InsertMenuW
CreateAcceleratorTableW
MessageBoxA
ShowCursor
CallWindowProcA
DrawIcon
DestroyCaret
HideCaret
EndPaint
EqualRect
IntersectRect
GetCursorPos
wvsprintfA
TranslateAcceleratorA
GetAsyncKeyState
DefWindowProcW
LoadIconA
CreateMenu
IsDialogMessageW
SendNotifyMessageW
GetMenu
GetDCEx
OpenDesktopW
GetDoubleClickTime
SystemParametersInfoW
GetPropW
GetMenuState
PtInRect
DialogBoxIndirectParamA
FindWindowExW
SetScrollInfo
GetIconInfo
ModifyMenuW

kernel32

GlobalFree
GetModuleFileNameA
lstrcatW
GetFileAttributesA
GetSystemTimeAsFileTime
AddAtomW
LocalAlloc
GetOverlappedResult
GlobalSize
GetTimeZoneInformation
BuildCommDCBA
GetLocalTime
SetTimerQueueTimer
CreateSemaphoreW
GetSystemTime
SetWaitableTimer
IsBadReadPtr
GetTempPathA
RaiseException
GetCurrentThread
SetLocalTime
GetVersionExA
lstrcmpiW
OpenEventA
GetStdHandle
LCMapStringW
GetShortPathNameW
GetNumberFormatW
GetCompressedFileSizeW
FindResourceExW
GetProcAddress
CreateWaitableTimerW
GetUserDefaultUILanguage
WideCharToMultiByte
GetCommModemStatus
SetErrorMode
OpenSemaphoreW
SetThreadLocale
GlobalAddAtomA
GetCommState
GetTempPathW

msvcrt

setvbuf
putc
_controlfp
__set_app_type
fgetc
toupper
fclose
isalnum
__p__fmode
iswspace
wcscmp
wcstol
__p__commode
vsprintf
fgets
_amsg_exit
isxdigit
wcstoul
_initterm
iswctype
mbtowc
strcpy
_acmdln
tolower
fseek
exit
_ismbblead
isupper
towlower
fread
_XcptFilter
_exit
islower
strtol
_cexit
__setusermatherr
strstr
__getmainargs

comdlg32

CommDlgExtendedError
PrintDlgW
GetOpenFileNameW
GetSaveFileNameW

gdi32

GetTextExtentPoint32A
SetLayout
SetBkMode
RoundRect
CreatePen
WidenPath
SetAbortProc
EndDoc
CreateBitmapIndirect
SelectClipRgn
GetTextExtentExPointW
PatBlt
FlattenPath
CreateEllipticRgnIndirect
CreateCompatibleDC
SetDIBits
SetStretchBltMode
SetTextColor
SetViewportOrgEx
GetNearestPaletteIndex
SetPaletteEntries
OffsetViewportOrgEx
OffsetRgn
EnumFontsW
StretchBlt
GetCharWidth32W
CreateHatchBrush
ExtTextOutA
SetBitmapBits
GetTextAlign
RealizePalette
IntersectClipRect
GetViewportOrgEx
GetCurrentObject
EnumFontFamiliesExW
CombineRgn
PtVisible
SelectPalette

Exports

Exports

?DeleteCriticalSectionDJUkdjJK@@YGKEPA_WG@Z
?DeleteCriticalSectionDUidKJLKljd@@YGKEPA_WG@Z
?DeleteCriticalSectionDUiudIUkljud@@YGKEPA_WG@Z

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg_
Size: 75KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61a4610580a551d7cf2e6d9ec8e89bd3

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.itext Size: 67KB - Virtual size: 67KB

.edata Size: 8KB - Virtual size: 8KB

.data Size: 47KB - Virtual size: 46KB

.dbg_ Size: 75KB - Virtual size: 195KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.itext
Size: 67KB - Virtual size: 67KB

.edata
Size: 8KB - Virtual size: 8KB

.data
Size: 47KB - Virtual size: 46KB

.dbg_
Size: 75KB - Virtual size: 195KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB