3aaad236be30f3030b760df4ad1560c7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3aaad236be30f3030b760df4ad1560c7_JaffaCakes118
Size

137KB
MD5

3aaad236be30f3030b760df4ad1560c7
SHA1

3be97bdc2d0c3d2291e5d6a14642a1c3fafa47f0
SHA256

a596bb97f959075456fc2e9ec142786551aa2843fd096d242cef9f25f6d62238
SHA512

d18bf3307665422c8fb5fdbda54d0ae10811eb5920e1b21318d65bc5d437075dcb6374852fb5346007a4299f24d4a5ef7c11af2a8137931128d9a1f12608c351
SSDEEP

3072:uPTT/idUftxdwqPAU420lwYmj2tiYjnW+:4TrbMwAZnlwYU2fnW+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aaad236be30f3030b760df4ad1560c7_JaffaCakes118

Files

3aaad236be30f3030b760df4ad1560c7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4917f67b40ecd097646b0637f59d62ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\tkwOCwxzrbwM\bYzjBvyKincAU\twgdxgpw\pfurvkqsn.pdb

Imports

user32

CreateIconFromResource
GetCaretPos
RedrawWindow
LookupIconIdFromDirectory
ScreenToClient
LoadCursorW
ReplyMessage
SystemParametersInfoW
CheckRadioButton
GetUpdateRgn
TrackPopupMenu
GetLastActivePopup
SetScrollPos
MonitorFromPoint
SetFocus
LoadImageW
IsCharUpperA
GetDC
EndPaint
GetWindowLongW
SetCaretPos
GetClipCursor
GetPropW
LoadBitmapW
SetRect
SetCursorPos
MessageBoxA
ShowCaret
GetMessageExtraInfo
DefWindowProcW
CascadeWindows
OpenInputDesktop
HideCaret
CharNextExA
GetDlgCtrlID
DestroyCaret
SetWindowPlacement
SendMessageA
SendMessageTimeoutA
GetWindowPlacement
InflateRect
RegisterClassExA
ShowWindowAsync
CreateDialogParamW
SetMenuItemBitmaps
CallWindowProcW
GetMenuCheckMarkDimensions
DrawStateW
GetClassInfoA
keybd_event
GetWindow
SetMenu
PostMessageA
SetClassLongW
IsIconic
CharUpperBuffA
OemToCharA
ChangeMenuW
ArrangeIconicWindows
CharLowerBuffW
OemToCharBuffA
IsZoomed
SetParent
GrayStringW
MessageBoxExW
UnloadKeyboardLayout
GetSystemMenu
CreateWindowExA
RemovePropW
IsMenu
GetClassInfoW
ModifyMenuW
GetActiveWindow
EnumChildWindows
MessageBoxW
IsDlgButtonChecked
ShowWindow
GetScrollRange
GetForegroundWindow
InsertMenuItemW
GetMenu
DrawTextA
DrawFrameControl
MapWindowPoints
DestroyAcceleratorTable
RemoveMenu
GetMenuItemRect
TranslateAcceleratorA
IsDialogMessageA
SetWindowTextA
PostThreadMessageW
GetSysColor
GetMenuItemInfoW
SetUserObjectInformationW
KillTimer
DrawIconEx
LoadMenuW
CreateWindowExW
AllowSetForegroundWindow
CreateDialogIndirectParamW
DrawStateA
SendMessageTimeoutW
GetUserObjectInformationA
GetWindowDC
LoadBitmapA
SetLastErrorEx
SendMessageW
LoadImageA
CopyRect
InvertRect
PostThreadMessageA
SetTimer
GetSysColorBrush
InSendMessageEx
GetKeyboardLayout
CharLowerW
MapDialogRect
wvsprintfW
ScrollWindowEx

kernel32

SetFileApisToOEM
CancelWaitableTimer
ResumeThread
lstrcpyW
OpenFileMappingA
GetCommandLineW
AddAtomW
FlushViewOfFile
SetCurrentDirectoryW
HeapSize
CreateNamedPipeW
GetSystemWindowsDirectoryW
MulDiv
GlobalCompact
MoveFileW
TlsFree
CreateWaitableTimerA
FindClose
CreateNamedPipeA
DisconnectNamedPipe
DeleteCriticalSection
GetShortPathNameA
OpenFileMappingW
CreateEventA
LoadResource
VerifyVersionInfoW
SystemTimeToFileTime
GetLocalTime
OpenSemaphoreW
SetThreadLocale
SuspendThread
GetModuleFileNameA
SetThreadAffinityMask
FindResourceA
GetSystemDirectoryW
LocalFree
TryEnterCriticalSection
OpenFile
AddAtomA
EnumSystemLocalesA
CloseHandle
GetFileType
ReleaseMutex
GetSystemWindowsDirectoryA
CreateFileW
GetComputerNameExW
GlobalAddAtomW
GetHandleInformation
IsValidLanguageGroup
GetComputerNameW
LoadLibraryW
GlobalHandle
GlobalGetAtomNameW
FileTimeToSystemTime

msvcrt

isspace
_controlfp
wcstod
remove
fread
fprintf
__set_app_type
strrchr
isalpha
sprintf
vsprintf
wcsncmp
__p__fmode
iswspace
mbtowc
clearerr
__p__commode
wcstoul
_amsg_exit
_initterm
time
wcscoll
malloc
_ismbblead
wcspbrk
wcscpy
strtoul
setvbuf
towlower
_XcptFilter
getenv
_exit
_cexit
fwrite
wcslen
memset
strpbrk
strncpy
printf
puts
fputs
fgets
isalnum
__setusermatherr
__getmainargs
bsearch
tolower
gmtime

shlwapi

PathIsUNCW

comctl32

ImageList_Create
ImageList_Remove
DestroyPropertySheetPage
CreatePropertySheetPageW
CreateStatusWindowW
ImageList_GetIconSize

Exports

Exports

?OwnerInitDescriptor@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ntrs
Size: 512B - Virtual size: 305B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mode
Size: - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4917f67b40ecd097646b0637f59d62ac

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

shlwapi

comctl32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 89B

.ntrs Size: 512B - Virtual size: 305B

.ips3 Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.mode Size: - Virtual size: 103KB

.rsrc Size: 100KB - Virtual size: 100KB

.reloc Size: 2KB - Virtual size: 2KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 89B

.ntrs
Size: 512B - Virtual size: 305B

.ips3
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.mode
Size: - Virtual size: 103KB

.rsrc
Size: 100KB - Virtual size: 100KB

.reloc
Size: 2KB - Virtual size: 2KB