3c9ddcf261a2b29e0acec4951787ceee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c9ddcf261a2b29e0acec4951787ceee_JaffaCakes118
Size

221KB
MD5

3c9ddcf261a2b29e0acec4951787ceee
SHA1

5e78c37b28917a4585c60dac93cfe20b4b5cb8d0
SHA256

5680a70fbf2f0de4a0d09765870428a8e7fa2f6f12c24210f3a5afffcee47879
SHA512

9ca12c8a7b4ffb24b90651f40faf1c71fe1da12cdbcad5a5251af49d14da589c733c92cb23419c9e8d8cffdf42d444d1aa084f43d3a3a70ab02f61c447ada223
SSDEEP

6144:ErNrriWwut/evdGOKHbdUQF8NQuex+jjqC:eheW7/Wd8HbdUQZuM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c9ddcf261a2b29e0acec4951787ceee_JaffaCakes118

Files

3c9ddcf261a2b29e0acec4951787ceee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5e0784f36f56e979ca6441ee0e249354

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\cmAoDrmXeZE\noyyfsj\andsywq.pdb

Imports

msvcrt

_controlfp
fgetc
__set_app_type
iswdigit
__p__fmode
setlocale
srand
__p__commode
fwrite
gets
_amsg_exit
ungetc
wcstombs
getenv
_initterm
printf
_acmdln
exit
islower
bsearch
_ismbblead
strchr
swprintf
localtime
towlower
puts
wcspbrk
iswprint
towupper
malloc
_XcptFilter
strtoul
strerror
rand
strcoll
_exit
clearerr
remove
setvbuf
wcstok
mktime
_cexit
isupper
__setusermatherr
wcscpy
__getmainargs

kernel32

WriteConsoleInputW
GetSystemDefaultLangID
FlushViewOfFile
LoadLibraryW
WaitForSingleObjectEx
GetCurrentProcessId
GetWindowsDirectoryW
SetTimerQueueTimer
GetStringTypeExW
lstrcmpiA
SleepEx
SetNamedPipeHandleState
ConvertDefaultLocale
lstrcmpiW
CreateNamedPipeW
GetVersion
IsValidLanguageGroup
OpenFileMappingW
CreateFileW
GetTempPathA
GetDateFormatW
GetCommProperties
SetSystemTimeAdjustment
GetCommModemStatus
SetEvent
FindResourceExW
CloseHandle
MoveFileExW
GetShortPathNameA
OpenFile
GetAtomNameW
Sleep
HeapWalk
CreateMutexA
SearchPathA
LoadLibraryExA
HeapUnlock
FindResourceExA
GetCommTimeouts
DisconnectNamedPipe
GetFileAttributesW
SetFileAttributesA
LocalUnlock
GetCurrentProcess
GlobalHandle
CreateWaitableTimerW
SetSystemTime
CreateDirectoryA
SetCommBreak
GetTempFileNameW
lstrcpyW
GlobalSize
GetBinaryTypeA
GlobalGetAtomNameA

comdlg32

FindTextW
PrintDlgExW
PrintDlgW
ChooseColorW

user32

AppendMenuA
SetMenu
ActivateKeyboardLayout
GetWindowPlacement
RemovePropW
GetActiveWindow
PostThreadMessageW
GetWindowRect
MapVirtualKeyW
TrackPopupMenu
DialogBoxIndirectParamA
MonitorFromPoint
DestroyCaret
OffsetRect
GetFocus
ShowWindowAsync
KillTimer
OemToCharBuffA
CreateDialogParamW
GetScrollRange
CharUpperA
SetLastErrorEx
CallWindowProcA
GetDlgItemTextA
GetClipCursor
FillRect
ToUnicodeEx
FindWindowW
CreateAcceleratorTableW
IsWindowUnicode
LoadAcceleratorsW
ShowOwnedPopups
GetDlgItemInt
GetKeyState
SendInput
DialogBoxParamW
GetPropW
RegisterClassW
SetParent
CreateWindowExW
IsChild
GetSystemMenu
OpenInputDesktop
PeekMessageW
GetClassInfoA
ShowCursor
SetDlgItemInt
EnumThreadWindows
CreatePopupMenu
LookupIconIdFromDirectory
GetUserObjectInformationW
GetMenuStringW
PostMessageA
IsCharLowerA
DestroyMenu
GetUpdateRect
WindowFromPoint
CreateIconIndirect
EqualRect
InvertRect
HideCaret
DrawIconEx
CopyImage
IsCharAlphaW
ScrollWindowEx
CheckMenuRadioItem
DrawAnimatedRects
DeleteMenu
FindWindowExW
DrawIcon
LoadIconW
MapDialogRect
MapVirtualKeyA
SendMessageA
ScreenToClient
GetKeyboardLayoutList
FrameRect
GetScrollPos
LoadMenuA
SetRect
CreateIconFromResource
SetWindowLongW
DialogBoxParamA
GetTopWindow
IsZoomed
DragObject
GetNextDlgGroupItem
SendMessageTimeoutA
GetMessageW
IsIconic
GetAsyncKeyState
DefDlgProcA
SetForegroundWindow
CharLowerA
CharNextExA
RegisterWindowMessageW
CharNextA
DefWindowProcW
PostQuitMessage
GetDC
DefFrameProcW
GetForegroundWindow
SetMenuItemInfoW
CopyAcceleratorTableW
DefWindowProcA
GetKeyboardLayout
TrackPopupMenuEx
SetUserObjectInformationW
ChildWindowFromPointEx
EnableMenuItem
VkKeyScanW
GetCaretPos

gdi32

GetDIBits
CreateFontA
AddFontResourceW
EnumFontsW
SetMapMode
SetLayout
DeleteObject
CreateSolidBrush
SetStretchBltMode
SetViewportExtEx
GetObjectA
GetMapMode
PolyBezier
ExtFloodFill
CreatePalette
GetTextMetricsA
SetDIBitsToDevice
BeginPath
CreatePolygonRgn
IntersectClipRect
CreateICW
CreateBrushIndirect
CreateRoundRectRgn
EndDoc
CreatePatternBrush
RemoveFontResourceW
GetFontData
GetSystemPaletteEntries
SetPaletteEntries
GetTextAlign
EnumFontFamiliesExW
GetCharWidth32W
SetDIBits
GetDIBColorTable
Polyline
CreateDiscardableBitmap
GetObjectW
CreateFontIndirectA
CreateEllipticRgnIndirect
ExtTextOutA
CreatePenIndirect
EnumFontFamiliesW
PtInRegion
SetTextColor
SetTextAlign
CreateFontIndirectW
Escape

Exports

Exports

?AddObject@@YG_NNPAD~U
?InvalidateKeyNameEx@@YGPAFHPAE~U
?IncrementArgumentA@@YGMPAMPAJPAFG~U
?DecrementHeaderOld@@YGPAKG~U
?CloseValueExW@@YGEN~U
?GeneratePathW@@YGPADNN~U
?RtlProjectA@@YGIPAGGPAD~U
?SetRectW@@YGMNPAE~U
?CloseFileEx@@YGHHN~U
?NameW@@YGDPAIG~U
?DeleteOptionExA@@YGPAIPAJPAHPAHK~U
?PutStringEx@@YGPA_NFPAI~U
?HideTimeOld@@YGPAHMH~U
?OnTimerEx@@YGPANPADNPADPA_N~U
?CancelHeaderA@@YGHPAME~U
?RemoveDialogExA@@YGPAFEM~U
?DecrementWindowW@@YGGMPAEJK~U
?GlobalFunctionA@@YGXPAJIPAF~U
?CallThreadNew@@YGHKPAHPAH~U
?ShowAnchorOriginal@@YGKPAD~U
?ScreenA@@YGPAD_N~U
?OnSectionOriginal@@YGEPAIMPAMM~U
?LoadModuleExW@@YGPAXDEJPAE~U
?RtlFilePathOriginal@@YGHPADPAIPADPAJ~U
?HideSemaphoreW@@YGGPADGGPAJ~U
?GenerateMediaTypeOriginal@@YGIPAGPAK~U
?ShowDirectoryW@@YGJPAI_N~U
?GetDialogNew@@YGPAXMPAD~U
?CloseModuleW@@YGHJ~U
?FreeScreenExA@@YGPAIPAHPAG~U
?GlobalMutexExA@@YGPAIPA_N~U
?SetListItem@@YGPAEPAGMKPAK~U
?ModifyFunctionEx@@YGPAJG~U
?GenerateScreenNew@@YGPAFPAKPAE~U

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 619B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e0784f36f56e979ca6441ee0e249354

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

comdlg32

user32

gdi32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 5KB - Virtual size: 5KB

.bdat1 Size: 512B - Virtual size: 32B

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 619B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 191KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 5KB - Virtual size: 5KB

.bdat1
Size: 512B - Virtual size: 32B

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 619B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB