3db4dc36a265dedabb809cbfc5090f44_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3db4dc36a265dedabb809cbfc5090f44_JaffaCakes118
Size

182KB
MD5

3db4dc36a265dedabb809cbfc5090f44
SHA1

f958c5d4072f2788b3e1cc2d16a2b37f5fbb34d5
SHA256

a488e99259d89f13c246af44a18f0dddfe4c887d1702fcbfe704f0a707be4e1e
SHA512

1e224ffc7d13da7b8dd1d21876111d9a7a30c761dfd8b94cd3fdb8d526e579291ab0f78930e3c60bc982793fab4dd7f7efd6e9d248ba549d66d80e44cffa3195
SSDEEP

3072:EOVfrEfixGGP3At6TXSe+xK48f7tUyISdgOpOLTFN:EOVrgGvAtAXSeL4Q7ndgOu7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3db4dc36a265dedabb809cbfc5090f44_JaffaCakes118

Files

3db4dc36a265dedabb809cbfc5090f44_JaffaCakes118
.exe windows:5 windows x86 arch:x86

171e0da9503ca9d3dab0e487962e1783

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\mIyoetlSe\mcCyoGqgHfojjb\GmPOlyiFzojnf\jrejmssmWvAfS.pdb

Imports

comctl32

ImageList_Write
ImageList_Create
ImageList_LoadImageW

kernel32

GetDateFormatW
HeapAlloc
EscapeCommFunction
CreateWaitableTimerA
GetFileAttributesW
FindFirstFileA
GetTempPathA
SetFileAttributesA
GetThreadLocale
GlobalSize
SetUnhandledExceptionFilter
GetNumberFormatA
HeapReAlloc
DisconnectNamedPipe
CreateFileW
AddAtomA
CreateEventA
LocalFree
GetDateFormatA
GetModuleHandleW
SetHandleCount

advapi32

OpenEventLogW

gdi32

SelectPalette
GetPixel
GetViewportOrgEx
CreatePen
StretchDIBits
CreateBitmapIndirect
GetLayout
CreateFontA
BitBlt
SelectObject
PtVisible
CreateDIBSection
CreateHalftonePalette
CreateRoundRectRgn
Rectangle
PathToRegion
GetTextCharsetInfo
CombineRgn

shlwapi

ord29
ord157

user32

DestroyAcceleratorTable
CharNextExA
VkKeyScanW
TileWindows
IsDlgButtonChecked
SetDlgItemInt
SetWindowPlacement
RegisterWindowMessageW
GetMessagePos
FindWindowW
CopyAcceleratorTableW
SetUserObjectInformationW
GetMenuItemCount
CharToOemW
IsMenu
CopyRect
DialogBoxParamA
SetPropW
GetWindowTextW
DestroyIcon
TrackPopupMenuEx
CreateIconFromResource
DrawTextW
AdjustWindowRectEx
MapVirtualKeyW
DialogBoxIndirectParamW
GetDlgItemTextW
SendMessageW
CheckDlgButton
CallWindowProcA
SendDlgItemMessageA
OpenIcon
InvalidateRect
WaitForInputIdle
FrameRect
SetMenuDefaultItem
DispatchMessageW
PostThreadMessageW
SendDlgItemMessageW
GetSystemMenu
RegisterClassA
HideCaret
GetMonitorInfoW

msvcrt

_controlfp
getc
__set_app_type
clock
__p__fmode
wcsstr
__p__commode
swscanf
_amsg_exit
ftell
_initterm
fwrite
wcstod
_acmdln
exit
fgets
_ismbblead
_XcptFilter
wcschr
tolower
_exit
wcsrchr
_cexit
__setusermatherr
__getmainargs
clearerr

Exports

Exports

?InvalidatePenNew@@YGFEGM*Z
?DeleteSystemW@@YGPA_NKFDM*Z
?SetDateA@@YGFPAKPAI*Z
?DeleteClassA@@YGXFDPADI*Z
?GenerateListA@@YGPAKPAK*Z
?AddArgumentExW@@YGKE*Z
?FreeStringExW@@YGPAKPAEPAGPAHPAN*Z
?InvalidateStateW@@YGXKHEPAJ*Z
?DecrementWindowInfoA@@YGHIKG_N*Z

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.etdir
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbgdir
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdir
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vtdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ptdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.stdir
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

171e0da9503ca9d3dab0e487962e1783

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

advapi32

gdi32

shlwapi

user32

msvcrt

Exports

Exports

Sections

.text Size: 151KB - Virtual size: 151KB

.itext Size: 512B - Virtual size: 484B

.etdir Size: 512B - Virtual size: 433B

.dbgdir Size: 512B - Virtual size: 28B

.itdir Size: 3KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 117KB

.vtdir Size: 512B - Virtual size: 140B

.ptdir Size: 512B - Virtual size: 140B

.stdir Size: 13KB - Virtual size: 13KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 151KB - Virtual size: 151KB

.itext
Size: 512B - Virtual size: 484B

.etdir
Size: 512B - Virtual size: 433B

.dbgdir
Size: 512B - Virtual size: 28B

.itdir
Size: 3KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 117KB

.vtdir
Size: 512B - Virtual size: 140B

.ptdir
Size: 512B - Virtual size: 140B

.stdir
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB