3beaafd89bc7e237f71bd27a42177360_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3beaafd89bc7e237f71bd27a42177360_JaffaCakes118
Size

221KB
MD5

3beaafd89bc7e237f71bd27a42177360
SHA1

c84da5a2d73a3118e4656139e5e4b1ff5cfb2dab
SHA256

7db64d28bd4029f9fa1bfac4d1bd718551fcae6ae5b0cf8c73d07e91023f16a3
SHA512

4cb7da0a817b4b209f751e9a04ffe08778830e3ab8fd9f53feff73d99ae427dc07e91aa72035cd2d52f706f4746799724fcd3648c69ad751da917bd7df142a3c
SSDEEP

6144:C95W3R38FJWHsn2gwkyTcSK7Sw6oUWmw:13NM2gXYi6oUBw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3beaafd89bc7e237f71bd27a42177360_JaffaCakes118

Files

3beaafd89bc7e237f71bd27a42177360_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f628db8a887e9b6d5f2d44274d4d214f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\YfvevbeYv\LnyzchhuxvhxXw\eUSWwBidvg\mohHbEOrvzEqpw.pdb

Imports

comdlg32

GetSaveFileNameA
ChooseFontW
ReplaceTextW
GetOpenFileNameW

kernel32

CopyFileA
MoveFileExW
FindResourceA
lstrlenW
HeapLock
GetThreadTimes
GlobalFlags
CloseHandle
FindClose
HeapAlloc
GetCommModemStatus
WaitForMultipleObjects
GetVersionExW
SetFileAttributesW
MulDiv
CreateWaitableTimerW
GetOEMCP
Sleep
FindResourceW
WaitForSingleObjectEx
GetFileTime
GetComputerNameA
LocalSize
TransactNamedPipe
lstrcatA
DeleteCriticalSection
RaiseException
GlobalUnlock
GlobalGetAtomNameA
QueryDosDeviceW
AddAtomW
CreatePipe
CreateDirectoryW
FileTimeToDosDateTime
SetErrorMode
HeapFree
GlobalMemoryStatus
SetEndOfFile
GetBinaryTypeW
ConvertDefaultLocale
LoadResource
ReleaseSemaphore
VerSetConditionMask
CreateFileMappingA
GetSystemDirectoryA
MoveFileExA
GetCompressedFileSizeW
GetCommTimeouts
GetProcessHeap
GlobalAlloc
FreeResource
FindFirstFileA
DuplicateHandle
FileTimeToLocalFileTime
HeapReAlloc

user32

DrawFocusRect
GetWindowTextA
BeginDeferWindowPos
ShowScrollBar
FindWindowW
UnloadKeyboardLayout
OpenInputDesktop
CopyRect
CallWindowProcA
wsprintfA
InSendMessageEx
IsCharAlphaNumericW
CreateWindowExA
GetClassInfoW
MonitorFromPoint
AllowSetForegroundWindow
GetMessageW
CharNextA
InsertMenuItemW
CreateDialogParamW
MapVirtualKeyA
DrawTextA
GetKeyboardType
SetUserObjectInformationW
SetCursorPos
RegisterClassExW
mouse_event
GetClassLongW
CreateMenu
OemToCharBuffA
DestroyIcon
CharUpperW
CopyAcceleratorTableW
UpdateWindow
IsIconic
GetParent
DefFrameProcW
SetForegroundWindow
GrayStringW
IsRectEmpty
MessageBoxA
wvsprintfA
ChildWindowFromPointEx
GetScrollRange
GetUpdateRgn
SetMenu
CreateAcceleratorTableW
wvsprintfW
GetWindowTextW
CharToOemA
SetParent
SetDlgItemTextW
DestroyMenu
DefFrameProcA
VkKeyScanW
CharToOemBuffA
UnionRect
ShowOwnedPopups
AppendMenuA
LockWindowUpdate
LoadStringW
SendNotifyMessageW
LoadBitmapA
GetKeyboardLayout
SendMessageTimeoutA
GetMenuItemRect
GetUserObjectInformationW
DrawTextExW
DrawIconEx
DialogBoxParamW
GetMenuCheckMarkDimensions
InvertRect
MapWindowPoints
FrameRect
DeleteMenu
GetMenuStringW
MonitorFromRect
DrawIcon
GetMenuStringA
ShowCursor
CharToOemW
ScrollWindowEx
GetSystemMenu
ShowCaret
WaitForInputIdle
CreateIconFromResource
SetCursor
BringWindowToTop
TileWindows
EndTask
CreateCursor
MapDialogRect
TabbedTextOutW
SwitchToThisWindow
GetMessageA
IsDialogMessageA
GetMenuState
CheckMenuItem
RegisterWindowMessageW
GetIconInfo
DestroyAcceleratorTable
GetWindowTextLengthW
GetActiveWindow
keybd_event
TrackPopupMenu
DrawEdge
PeekMessageA
InternalGetWindowText

msvcrt

_controlfp
strtoul
puts
wcsncmp
wcsncpy
__set_app_type
strncmp
wcsrchr
getc
mktime
__p__fmode
__p__commode
_amsg_exit
mbstowcs
_initterm
setlocale
atoi
fseek
_ismbblead
_XcptFilter
fread
wcstoul
wcsstr
setvbuf
_exit
printf
isspace
localtime
wcstol
wcslen
_cexit
__setusermatherr
mbtowc
fwrite
__getmainargs
atol
bsearch
islower
strcspn
sprintf
isdigit
sscanf
swscanf
srand

comctl32

CreateToolbarEx
ImageList_GetIcon
ImageList_Remove
ImageList_Draw
DestroyPropertySheetPage
CreatePropertySheetPageA

gdi32

GetMapMode
CreatePatternBrush
GetSystemPaletteUse
SetMapMode
SetViewportExtEx
CreateCompatibleBitmap
SetDIBitsToDevice
ScaleViewportExtEx
ExcludeClipRect
CreateFontIndirectW
StretchDIBits
SelectObject
CreatePen
SetTextColor
GetCharWidth32W
SetStretchBltMode
SetBitmapBits
ExtTextOutW
OffsetViewportOrgEx
EndDoc
TextOutW
CreateRoundRectRgn
SaveDC
EnumFontsW
GetSystemPaletteEntries
MoveToEx
TextOutA
OffsetRgn
GetBitmapBits
BeginPath
CreateSolidBrush
SetPaletteEntries
AddFontResourceW
GetViewportOrgEx
SetBkMode
LPtoDP
CreateHatchBrush
SelectClipRgn
GetTextExtentPoint32W
StartPage
DeleteDC
LineDDA
CreateHalftonePalette
GetNearestColor

psapi

GetProcessImageFileNameA

Exports

Exports

?GetFileNew@@YGPAHPAFPAJPAH]A
?EnumTimeNew@@YGPAEDPAIK]A
?CloseDataOriginal@@YGKGD]A
?ValidateThreadExA@@YGPAX_NPAH]A
?ShowKeyNameA@@YGHPAGM]A
?AddAppName@@YGPADI]A
?SendExpressionNew@@YGPAIPAENH]A
?IsNotFunctionExW@@YGIPAEPA_NG]A
?FreeEventEx@@YGXN]A
?DeleteDeviceExA@@YGPAKHJK]A
?SendProcessOld@@YGHGPAKE]A
?LoadWidth@@YGMPAF]A
?FindDateTimeEx@@YGXJ_N]A
?ValidateTextOriginal@@YGMEPAG]A
?LoadDirectoryExW@@YGPAEPAHPAFPAIK]A
?IsNotEventOld@@YGPAEPAFIKI]A
?CopyComponentOriginal@@YGMFK]A
?ModifyProjectEx@@YGPAHPAFPAH]A
?FindDirectoryW@@YGPAJHINPAG]A
?GetProfileEx@@YGPA_NPAMEN]A
?AddDirectoryEx@@YGIDGDE]A
?AddTask@@YGPA_NPA_NFPAE]A
?PutDateEx@@YGPAXPAJ]A
?IncrementDateExW@@YGKPAH_NFM]A
?SetTimeA@@YGKPADEH]A
?GlobalDate@@YGIFPA_NJ]A
?PointerOld@@YGEPAJHH]A
?IsValueExA@@YGXH]A
?PutFileExW@@YGPAKGPAD]A
?DecrementAppNameEx@@YGIPAJJDF]A
?CancelSystemOld@@YGPAXI]A
?FormatRectOld@@YGPAJMPANPAFM]A
?IsNotKeyboardOriginal@@YGGEPAKKJ]A

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f628db8a887e9b6d5f2d44274d4d214f

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

user32

msvcrt

comctl32

gdi32

psapi

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 193KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 193KB - Virtual size: 193KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB