PDB path: D:\NrmovKzkn\qikekewC\fjltlPi.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: 3a31d235098c452126e6f8dbd6a03921_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 3a31d235098c452126e6f8dbd6a03921_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 3a31d235098c452126e6f8dbd6a03921_JaffaCakes118
Size: 195KB
MD5: 3a31d235098c452126e6f8dbd6a03921
SHA1: 946fba6ba1590223abe17a584e9a7613117b7fab
SHA256: 66dbd137234321a2d4781242f343d46533ea662f52fb1b8e9efa194c4e73b802
SHA512: 94d90a916bfe45faeb3722df0f4328e39694766827705c48c58c649c7f9d34d43ed4e781a1e56e21552ec710f4d7cffab00aae06009d4a83befe8662eab40bf7
SSDEEP: 3072:IMXvINQ3h9hbyTIuahWV1Wxe9VkuvySoPU0jJtxymHUc9La7Ae4ZLQFflgI6pn7I:9/xfbPKeKN+U0jJz5tLaGcFf7yn
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 3a31d235098c452126e6f8dbd6a03921_JaffaCakes118
Files
3a31d235098c452126e6f8dbd6a03921_JaffaCakes118.exe windows:5 windows x86 arch:x86
75a3d9177db092cb687d562a40a72b52
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_Write
ImageList_Create
ImageList_AddMasked
InitCommonControlsEx
user32
IsMenu
CharUpperBuffA
DrawEdge
DestroyMenu
KillTimer
DispatchMessageW
SetCaretPos
DefFrameProcA
ScreenToClient
VkKeyScanW
GetNextDlgTabItem
GetIconInfo
IsWindowVisible
SetScrollInfo
SystemParametersInfoW
CreateWindowExA
DefFrameProcW
keybd_event
AttachThreadInput
GetCursorPos
ChangeMenuW
WindowFromPoint
ModifyMenuW
CheckRadioButton
GetKeyboardLayoutNameW
SetMenu
SetClassLongW
SendMessageW
MonitorFromRect
MapWindowPoints
InvertRect
LoadCursorW
CreateDialogParamA
SetActiveWindow
GetMessagePos
GetTopWindow
LoadMenuW
GetDlgItem
PostThreadMessageA
CharLowerBuffW
SetMenuItemInfoW
IsZoomed
InSendMessageEx
SetWindowLongA
CharPrevA
GetAsyncKeyState
BeginPaint
SetLastErrorEx
AppendMenuA
GetClassInfoW
ChildWindowFromPoint
SetDlgItemTextA
CreateIconFromResource
CreateDialogIndirectParamW
OpenInputDesktop
PostMessageA
GetUserObjectInformationW
MessageBoxExA
SetDlgItemInt
RegisterClassExW
LoadAcceleratorsW
CharNextA
MoveWindow
GetFocus
FindWindowExW
FillRect
SendNotifyMessageW
CharLowerW
GetMessageTime
TrackPopupMenuEx
EqualRect
GetWindowPlacement
ScrollWindow
OemToCharA
GetDlgItemTextW
ShowWindowAsync
GetMenuStringW
AdjustWindowRectEx
LoadCursorA
CopyImage
EnumThreadWindows
CreateDialogParamW
OemToCharBuffA
DrawStateW
CallWindowProcA
GetMenuState
GetKeyState
SetWindowTextW
SetSysColors
CheckMenuRadioItem
DeleteMenu
SetCursorPos
MessageBoxA
GetMenu
GetForegroundWindow
DefWindowProcA
GetPropW
InsertMenuItemW
RedrawWindow
DispatchMessageA
GetUpdateRect
LoadMenuA
EnumChildWindows
IsDialogMessageA
ChildWindowFromPointEx
DestroyWindow
LoadImageA
TrackPopupMenu
InsertMenuA
DialogBoxIndirectParamA
GetMessageA
GetScrollInfo
GetDC
GetWindowTextA
GetMenuItemInfoW
SendMessageTimeoutW
SetWindowRgn
DestroyIcon
CreateMenu
kernel32
CreateNamedPipeW
GetWindowsDirectoryA
GlobalMemoryStatus
FileTimeToSystemTime
CreateFileMappingW
SearchPathW
SetMailslotInfo
GetFileAttributesA
SetFileTime
GetProcAddress
GetStringTypeExW
SetLocalTime
GetTempPathW
GetOverlappedResult
OpenFileMappingA
GetDateFormatW
RaiseException
LockFile
EnumResourceLanguagesA
RegisterWaitForSingleObject
LocalAlloc
GlobalAddAtomA
OpenFile
LockResource
SetSystemTime
FreeLibrary
GetLocaleInfoA
HeapAlloc
SetFileAttributesA
GetTempPathA
GetCommState
TerminateThread
SetThreadExecutionState
SetNamedPipeHandleState
IsDBCSLeadByte
GetModuleFileNameA
GetThreadContext
DefineDosDeviceW
GetModuleHandleA
GetSystemDefaultUILanguage
IsBadWritePtr
GetVersion
GlobalDeleteAtom
GlobalReAlloc
SleepEx
CopyFileW
ConnectNamedPipe
LoadLibraryA
GlobalLock
GetSystemDirectoryW
GetSystemTimeAdjustment
VirtualFree
CreateDirectoryW
OpenEventA
DuplicateHandle
DeleteAtom
UnhandledExceptionFilter
gdi32
DeleteObject
GetPaletteEntries
MoveToEx
CreateBitmap
CreateCompatibleBitmap
RestoreDC
GetClipBox
ScaleWindowExtEx
StretchDIBits
RemoveFontResourceW
GetCharWidth32W
CreateFontIndirectW
CreateRectRgn
SetPaletteEntries
CreateSolidBrush
GetTextMetricsW
GetTextColor
SetRectRgn
CreateDiscardableBitmap
Ellipse
ExtTextOutA
WidenPath
GetTextCharsetInfo
GetNearestColor
CreateRectRgnIndirect
LPtoDP
AddFontResourceW
DPtoLP
SetStretchBltMode
LineDDA
TextOutW
CreatePenIndirect
RectVisible
EnumFontFamiliesExW
EndDoc
SetViewportOrgEx
GetObjectA
SetBkColor
BeginPath
SaveDC
CreateHatchBrush
SetBitmapBits
SetLayout
GetTextExtentPoint32A
GetDIBColorTable
SelectObject
GetNearestPaletteIndex
GetTextExtentExPointW
PtInRegion
GetMapMode
GetSystemPaletteEntries
msvcrt
iswdigit
strstr
mbtowc
fputs
_controlfp
tolower
swscanf
strncpy
calloc
strtok
__set_app_type
wcstoul
__p__fmode
__p__commode
printf
putc
_amsg_exit
localtime
fwrite
strcpy
_initterm
_acmdln
exit
fprintf
atol
strncmp
strerror
_ismbblead
atoi
fflush
system
clearerr
strrchr
_XcptFilter
wcscoll
fgets
bsearch
_exit
mktime
time
_cexit
islower
__setusermatherr
strcoll
__getmainargs
swprintf
towupper
putchar
rand
Exports
?ValidateArgumentExW@@YGXMPAJIM]A
?GenerateRectExA@@YGPAX_NEFPAE]A
?CancelExpressionA@@YGPAEF_N]A
?ShowWidthEx@@YGIPADEPAKH]A
?IsValidFilePathW@@YGPAGPAE]A
?KillPointerOriginal@@YGDJPAMGF]A
?SetKeyNameExW@@YGJ_NHJE]A
?ShowAppNameExW@@YGHG]A
?CancelAppName@@YGPAHPAM]A
?CancelMutexNew@@YGIJMEE]A
?DialogOriginal@@YGXI]A
?RtlTextEx@@YGMPAFPAK]A
?IsMutantOriginal@@YGPAIPAJF]A
?SendRectA@@YGPAHPAMK]A
?ClosePointerW@@YGPANPAII]A
?IsProjectOld@@YGJPAGGPAI]A
?InsertFile@@YGPAXH]A
?CloseExpressionExA@@YGEGFPAH]A
?SetFileA@@YGPAXKKPAKE]A
?IsValidDirectoryExW@@YGK_NPAEK]A
?CancelTimerW@@YGPADPAJH]A
?KillClassExA@@YGXENPAM]A
?InvalidateProviderEx@@YGPAMPAKPAMMPAF]A
?SetFolderA@@YGNEIKK]A
?GenerateSemaphoreA@@YGPAMPADPAFJI]A
?EnumFolderOriginal@@YGNFK]A
?GlobalClassEx@@YGDPAMPA_N]A
?LoadKeyNameOriginal@@YGKHPAFH]A
?RtlEventW@@YGPAN_NPAJG]A
?EnumTimeA@@YGXIIPAE]A
?GenerateSystemA@@YGJPAM]A
?LoadDeviceW@@YGFIJ]A
?EnumDirectoryW@@YGPANPAH_ND]A
?InsertWindow@@YGDPA_NPAD]A
?IsNotProcessNew@@YGHMMEE]A
?OnMutexExW@@YGI_NMPAM]A
?IncrementMutant@@YGPAMD]A
?GlobalProviderOriginal@@YGKD]A
?SendStateNew@@YGPANDPAIPAI]A
?InsertWindowInfoW@@YGPAXDKK]A
?KillListNew@@YGPAHPAIPAI_N]A
?FileW@@YGXPAEIJD]A
?HideFullNameEx@@YGGPA_NH_N]A
?FreeHeaderW@@YGPAFKE]A
?IsValidMediaTypeEx@@YGMG]A
?IncrementProjectExA@@YGGMIPAD]A
?RemoveClassOriginal@@YGIPANIG_N]A
?Device@@YGPADIPAFPAHI]A
?DataNew@@YGMJPAEPAMPAJ]A
?FreeDirectoryOld@@YGHPAGJ]A
?CloseDirectoryOld@@YGMFF_NPAM]A
?OnPathNew@@YGGG]A
?AddScreenExA@@YGMHPAF]A
?IsNotAppNameW@@YGPAFJPAK]A
?CancelProviderEx@@YGXIPA_NH]A
?GenerateMessageEx@@YGX_N]A
?DeleteDirectoryNew@@YGFPADJPAI]A
?AddValueOld@@YGPAXPAGG]A
?ValidateProcessEx@@YGEPAKIHH]A
?RemoveThreadExW@@YGDHEPAI]A
?OnMutexEx@@YGXGGPAJ]A
?PutHeightA@@YGPAXM_N_NPAM]A
?KillKeyboardExA@@YGPAHKJPAI]A
?InsertDateEx@@YGMEPAMJE]A
?DecrementFullNameA@@YGEPAKPAKE]A
?FreeFolderExW@@YGFF]A
?GenerateRectNew@@YGPAJDGPANPA_N]A
?GenerateListA@@YGXNE]A
?KeyNameA@@YGFEKM]A
?IsNotTimerA@@YGPAEEE_N]A
?InstallObjectW@@YGMJ]A
?RemoveStringA@@YGGF]A
?IsValidMediaTypeW@@YGEMPAK]A
?CancelPoint@@YGEIIK]A
?CallTaskA@@YGIG]A
?PutTimerExW@@YGNGFJ]A
?AddNameOriginal@@YGJEMI]A
?InvalidateDataOriginal@@YGPAXFPAJH]A
?AddFolderOriginal@@YGHDJPAG]A
?LoadThreadExA@@YGEH]A
?CrtDateNew@@YGMJPAJ]A
?CrtProcessA@@YGEEJE]A
?CloseListItemEx@@YGGIPAKPAG]A
?FormatOptionExA@@YGPANDGPAEE]A
?IsNotMutexW@@YGGPAI]A
?GenerateFullNameOriginal@@YGFJKPAEI]A
?IsNotMemoryExW@@YGJHEE]A
?InvalidateTaskNew@@YGEPAG]A
?IncrementDateNew@@YGXFNPAHM]A
?LoadFunctionOriginal@@YGEM]A
?AddAnchorNew@@YGIG_NPAN]A
?CopyMutantExW@@YG_NIE]A
?LoadRectExW@@YGGH]A
?FormatWidthExW@@YGPAE_N]A
?IsValidTimeOld@@YGGGHPA_ND]A
?LoadDataEx@@YGPAEHJ]A
?CancelTask@@YGDHPAHH]A
?DeleteProjectNew@@YGPAIPAI]A
?IsNotAppName@@YGXEI]A
?FormatRectOld@@YGIH]A
?FindExpressionOld@@YGPADF]A
?FormatFolderExA@@YGXI_NFM]A
?DecrementWindowOld@@YGJG]A
?IsStateExW@@YGPAXEEF]A
?FindWindowExA@@YGPAFPANF]A
?DeleteObjectNew@@YGHPAGKPADPAH]A
?ModifyRectA@@YGPAKPADJPAIF]A
?FindModule@@YGKEID]A
?CancelDevice@@YGDHN]A
?RtlPointExA@@YGFPAFPAIGPAI]A
?SetHeightOld@@YGIKPAMPAE]A
?EnumOptionNew@@YGDPAK_NFPAG]A
?CrtDirectoryNew@@YGPADGPAM]A
?InvalidateRectOld@@YGPADPAI]A
?GetAnchor@@YGNPAD]A
?FormatMonitorW@@YGFHHPAFF]A
?GlobalNameOld@@YGEPAEPAFPANPAJ]A
?IncrementMutexA@@YG_NFPANPAD]A
?IsNotCommandLineEx@@YGIEEPA_N]A
?GlobalProviderA@@YGFPAMN]A
?InstallClassEx@@YGHHPAMPAH]A
?SendExpressionExW@@YGX_NH]A
?GenerateMemoryW@@YGJD]A
?OnWindowInfoA@@YGXK]A
?IsDirectoryNew@@YGDPADHPAJ]A
?RemoveMediaTypeOriginal@@YGXEPA_NG]A
?IsNotMediaType@@YGPAFPAG_N]A
?InsertFileOriginal@@YGJDKE]A
?InsertSizeOld@@YGPADPAHGKI]A
?GetDirectoryExW@@YGPAHDPADM]A
?LoadPointNew@@YGJFPAH]A
?GenerateModuleExA@@YGKPADPAGGE]A
?IncrementCommandLineOriginal@@YGPAKDMPAJ]A
?CloseObjectW@@YGEEEPAG]A
?IncrementVersionExW@@YGGJPAI]A
?PutMonitorEx@@YGFDPAJ]A
?IsTextOriginal@@YGPAXGIHE]A
?IsNotExpressionExA@@YGNPAGGJPAF]A
?AddPathW@@YGGD]A
?CrtSizeNew@@YGXJFD]A
?LoadPointerOriginal@@YGPAGPAE]A
?CallConfigExW@@YGHGPAJPAJ]A
?AddFilePathOld@@YGPAEEH_N]A
?SendKeyNameExA@@YGFPAMM]A
?RtlSystemNew@@YGIIEPAJE]A
?IncrementMonitorNew@@YGNPADHPAGM]A
?CopyDirectoryA@@YGPAXMFD]A
?GetMutantW@@YGPAFPAFPAHPAEPAI]A
?DeleteFileNew@@YGNHPAHNE]A
?InstallStringExW@@YGGNPAMGF]A
?GetHeightW@@YGIK]A
?InvalidateWindowW@@YGPAKPAM]A
?InvalidateSectionExA@@YGHMK]A
?PutHeader@@YGKPAGPADPAH]A
?ValidateProject@@YGPAXDJG]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?IsNotFileExW@@YGPAFE]A
?IsValidSemaphoreEx@@YGGJI]A
?HideSizeExW@@YGMDEDI]A
?CallWidthW@@YGXJEG]A
?CrtDeviceA@@YGHD]A
?InvalidateArgumentExW@@YGPAXPAKJ]A
?GetProviderOriginal@@YGXHGE]A
?AddFullNameA@@YGEIPAHM]A
?SystemOriginal@@YGPAXPAJ]A
?InvalidateEventEx@@YGMM]A
?CloseKeyNameExA@@YGIPAFEHPAE]A
?SendProfileOld@@YGFK]A
?IsValidSemaphoreNew@@YGDKHHPAK]A
?CopyOption@@YGPAJPANPAHPA_N]A
?FreeListItem@@YGPAMMIMG]A
?PutComponentExA@@YGPAIMG]A
?GenerateProjectEx@@YGXNPAJJ]A
?FindDataA@@YGPAXPAIMF]A
?ModifyMessageNew@@YGIPAFPAJ]A
?IsNotComponentExA@@YGDIPAH]A
?FreeMessageExW@@YGPANKPAH]A
?EnumConfigA@@YGPAFJPADPAGK]A
?SetComponentA@@YGKMNPAH]A
?IsValidWindow@@YGXJ_NHE]A
?ShowPointExW@@YGPAMIPAGF]A
?GetExpressionEx@@YGHPAEPAJ]A
?RemoveValueW@@YGJPAHF]A
?IncrementFullNameW@@YGXK]A
?RtlMessageA@@YGGK]A
?AddTimeW@@YGDPAMPAE]A
?RemoveMessageExA@@YGFH]A
?IsValidNameA@@YGPAXPAM]A
?EnumPath@@YGPAXKHPAJPAG]A
?InstallKeyNameEx@@YGXIHGPAG]A
?KillAnchorA@@YGFKGM]A
?IsThreadEx@@YGFN]A
?ModifyDirectoryNew@@YGMMMDH]A
?LoadObject@@YGXMI]A
?LoadWindowOld@@YGEPAMGPAJ]A
?SendWindowExA@@YGPAHI]A
?PutScreenExA@@YGGPAEJ]A
?KillMutexW@@YGKPAMPAGMG]A
?LoadModule@@YGFD]A
?RtlProviderExW@@YGHHJ]A
?KillMediaTypeExA@@YGXPAF]A
?GetFullNameA@@YGGPAGJ]A
?IsExpression@@YGKPAEPAM]A
?GetSystemNew@@YGDPAHM]A
?KeyboardNew@@YGPAXF]A
?LoadSemaphore@@YGNKPAE]A
?InvalidateVersionExW@@YGPADMPA_NH]A
?ModifyTimeOld@@YGXPAGH]A
?GlobalDate@@YGJG]A
?RemoveProject@@YGPAKJI]A
?KillRectNew@@YGXGPAI]A
?AddProfileOld@@YGEGD]A
?ValidateAnchorW@@YGPADKPAI]A
?OnFilePathExA@@YGXJPAD]A
?DecrementThread@@YGEN]A
?ValidateMutexOriginal@@YGPAKFPAEK]A
?DeleteDateOriginal@@YGJPAM]A
?DeleteAnchorOriginal@@YGPAX_NPAKH]A
?InvalidateNameEx@@YGKEHF]A
?ShowWidthOld@@YGIPAK]A
?GenerateProcess@@YGPAFGE]A
?ModifyPenNew@@YGPAJGPADG]A
?FreeAppNameOriginal@@YG_NKENPAE]A
?ModifyKeyboard@@YGPAMFIPAM]A
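Two things stand out in the export table above. The names are all assembled from a small vocabulary of verbs and nouns with A/W/Ex/New/Old/Original suffixes, and almost every one ends in "]A" rather than the "@Z" with which MSVC closes a decorated function's argument list; only ?DestinationSysCounterDnDHuuey@@YGKGHE@Z is decorated the way the compiler actually emits it. Whether "]A" is what sits in the binary's export directory or an artifact of how the listing was rendered cannot be told from this page. The following is an added example, not part of the report or of the sample: a minimal decoder for the simple MSVC decoration scheme these names use (free functions, __stdcall, primitive and pointer-to-primitive types), run over a constructed excerpt of the list so that the one well-formed export can be separated from the rest. The type and calling-convention tables cover only the codes that occur in this listing.

```python
import re
from dataclasses import dataclass

# MSVC type codes for the simple, non-class types that occur in the export list above.
PRIMITIVE_CODES = {
    "X": "void", "D": "char", "E": "unsigned char", "F": "short",
    "G": "unsigned short", "H": "int", "I": "unsigned int", "J": "long",
    "K": "unsigned long", "M": "float", "N": "double",
}
CALLING_CONVENTIONS = {"YA": "__cdecl", "YG": "__stdcall", "YI": "__fastcall"}

# A decorated free function is ?name@@<cc><return><args...>, and MSVC closes the
# argument list with "@Z". The pattern also accepts the "]A" ending that nearly every
# export in this report carries, so those names can still be decoded and counted.
DECORATED_FUNCTION = re.compile(
    r"\?(?P<name>\w+)@@(?P<cc>Y[AGI])(?P<types>.*?)(?P<term>@Z|\]A)")

# Constructed excerpt of the report's export table.
SAMPLE_EXPORTS = [
    "?ValidateArgumentExW@@YGXMPAJIM]A",
    "?GenerateRectExA@@YGPAX_NEFPAE]A",
    "?CancelExpressionA@@YGPAEF_N]A",
    "?KillPointerOriginal@@YGDJPAMGF]A",
    "?GlobalClassEx@@YGDPAMPA_N]A",
    "?DestinationSysCounterDnDHuuey@@YGKGHE@Z",
    "?FreeAppNameOriginal@@YG_NKENPAE]A",
    "?ModifyKeyboard@@YGPAMFIPAM]A",
]


@dataclass
class Demangled:
    name: str
    calling_convention: str
    return_type: str
    args: list
    standard_terminator: bool  # True only when the argument list ended with MSVC's "@Z"

    def signature(self) -> str:
        return f"{self.return_type} {self.calling_convention} {self.name}({', '.join(self.args)})"


def _parse_type(codes: str, i: int):
    """Decode one type code starting at codes[i]; return (C type text, next index)."""
    if i >= len(codes):
        raise ValueError(f"type list ends early in {codes!r}")
    if codes.startswith("PA", i):            # PA<type>: pointer to <type>
        inner, j = _parse_type(codes, i + 2)
        return inner + "*", j
    if codes.startswith("_N", i):            # _N: bool
        return "bool", i + 2
    if codes[i] in PRIMITIVE_CODES:
        return PRIMITIVE_CODES[codes[i]], i + 1
    raise ValueError(f"unsupported type code {codes[i]!r} at offset {i} in {codes!r}")


def demangle(symbol: str) -> Demangled:
    m = DECORATED_FUNCTION.fullmatch(symbol)
    if not m:
        raise ValueError(f"not a decorated free function: {symbol!r}")
    codes = m["types"]
    ret, i = _parse_type(codes, 0)           # the first code is the return type
    args = []
    while i < len(codes):                    # the remaining codes, in order, are parameters
        arg, i = _parse_type(codes, i)
        args.append(arg)
    return Demangled(m["name"], CALLING_CONVENTIONS[m["cc"]], ret, args, m["term"] == "@Z")


def triage_exports(symbols):
    """Decode every export; return (decoded map, symbols whose decoration is well-formed)."""
    decoded = {s: demangle(s) for s in symbols}
    well_formed = [s for s, d in decoded.items() if d.standard_terminator]
    return decoded, well_formed


if __name__ == "__main__":
    decoded, well_formed = triage_exports(SAMPLE_EXPORTS)
    for d in decoded.values():
        print(f"{d.signature()}{'' if d.standard_terminator else '   <- non-MSVC terminator'}")
    print(f"{len(well_formed)} of {len(decoded)} exports end in @Z")
```

Treat the result as a lead rather than a verdict: a generated export table tells you the binary was probably not built the way a normal application is, but it says nothing about what the code does.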
Sections
Section   Raw size   Virtual size   Characteristics
.text     31KB       30KB           IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.idata    6KB        5KB            IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data     3KB        345KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc     152KB      152KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc    1KB        1KB            IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
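The section table carries two signals an analyst would check before anything else: .text is marked IMAGE_SCN_MEM_WRITE as well as executable, which linkers do not emit by default, and .data occupies 345KB in memory but only 3KB on disk, i.e. the image reserves far more room than it ships. The following is an added example, not part of the report or of the sample: it serialises IMAGE_SECTION_HEADER records from the names, sizes and flags printed above, parses them back the way a PE loader or parser reads the section table, and applies a few heuristic checks. Virtual addresses and raw file offsets are not on this page, so the builder lays the table out synthetically with 0x1000 section and 0x200 file alignment; the KB figures are the report's rounded values, and the thresholds in section_findings are the author's own choices, not published rules.

```python
import struct

# IMAGE_SECTION_HEADER characteristics bits (winnt.h).
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_DISCARDABLE = 0x02000000
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

SECTION_HEADER = struct.Struct("<8sIIIIIIHHI")   # 40-byte IMAGE_SECTION_HEADER
KB = 1024
COMMON_NAMES = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc", ".reloc",
                ".bss", ".tls", ".pdata", ".CRT"}

# (name, SizeOfRawData, VirtualSize, Characteristics) as printed in the report's
# section table; sizes are the report's KB-rounded figures (constructed input).
REPORTED_SECTIONS = [
    (".text", 31 * KB, 30 * KB, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".idata", 6 * KB, 5 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".data", 3 * KB, 345 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc", 152 * KB, 152 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".reloc", 1 * KB, 1 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ),
]


def _align(n, a):
    return (n + a - 1) // a * a


def build_section_table(sections, section_align=0x1000, file_align=0x200) -> bytes:
    """Serialise section headers. VirtualAddress and PointerToRawData are not in the
    report, so they are synthetic: sections laid out back to back with the given alignments."""
    va, raw_ptr, blob = 0x1000, 0x400, b""
    for name, raw_size, virt_size, flags in sections:
        blob += SECTION_HEADER.pack(name.encode("ascii").ljust(8, b"\0"), virt_size, va,
                                    raw_size, raw_ptr, 0, 0, 0, 0, flags)
        va += _align(max(virt_size, raw_size), section_align)
        raw_ptr += _align(raw_size, file_align)
    return blob


def parse_section_table(blob: bytes, count: int):
    """Decode `count` IMAGE_SECTION_HEADER records, as a PE parser does right after
    the optional header."""
    out = []
    for i in range(count):
        f = SECTION_HEADER.unpack_from(blob, i * SECTION_HEADER.size)
        out.append({
            "name": f[0].rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": f[1], "virtual_address": f[2],
            "raw_size": f[3], "raw_offset": f[4], "characteristics": f[9],
        })
    return out


def section_findings(sec) -> list:
    """Heuristic flags for one section. These are leads for an analyst, not verdicts:
    some toolchains mark code writable, and large zero-initialised data also shows a
    big virtual/raw gap. Thresholds are the example author's own choice."""
    flags, found = sec["characteristics"], []
    if flags & IMAGE_SCN_MEM_EXECUTE and flags & IMAGE_SCN_MEM_WRITE:
        found.append("writable-executable")        # code the image can rewrite at run time
    if sec["virtual_size"] > 4 * sec["raw_size"] and sec["virtual_size"] - sec["raw_size"] >= 64 * KB:
        found.append("virtual-size-inflated")      # memory reserved that is not backed by file bytes
    if flags & IMAGE_SCN_MEM_EXECUTE and sec["raw_size"] == 0:
        found.append("executable-without-raw-data")
    if sec["name"] not in COMMON_NAMES:
        found.append("unusual-name")
    return found


def triage_sections(sections) -> dict:
    return {s["name"]: section_findings(s) for s in sections}


if __name__ == "__main__":
    table = build_section_table(REPORTED_SECTIONS)
    parsed = parse_section_table(table, len(REPORTED_SECTIONS))
    for name, findings in triage_sections(parsed).items():
        print(f"{name:8s} {', '.join(findings) or 'ok'}")
```

Run against a real file, the same parse_section_table call applies to the bytes at e_lfanew + 4 + 20 + SizeOfOptionalHeader, with count taken from the file header's NumberOfSections; the heuristics are the part worth carrying over, the builder exists only because the page does not include the raw headers.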