3fb1c8cf22ccaae12c5e2c359353644a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3fb1c8cf22ccaae12c5e2c359353644a_JaffaCakes118
Size

218KB
MD5

3fb1c8cf22ccaae12c5e2c359353644a
SHA1

eb903395c492b5bac8597cdf9508e11c6e8126f3
SHA256

bb67d221354060d47459f99c8d8dde1232eae26f3d96a88c847eef428c62e7ec
SHA512

75d0f5671bc72d2e3d079f46f3eb98a6182c8e5a7310b5f3938b4622ecd5d40275ef17ec9f247cf5bbec27b150db0c215f2180f869e4e178dba16b3e796e8ae5
SSDEEP

6144:tXJsTI1ykVzCbaOrobTf+nFZgCMs6IiTrJ5oHdYJgRCuvI5:t5EkVGbaOrov6kIDH8Dv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb1c8cf22ccaae12c5e2c359353644a_JaffaCakes118

Files

3fb1c8cf22ccaae12c5e2c359353644a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

fdcc49c17a6a3c139d781e8c480e2b4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

T:\ruHzVeYUdqe\bqpNUhictparha\YTabwdccy\DjiIvaXlmBJ\pmZJSStjuWij.pdb

Imports

msvcrt

mktime
strcoll
islower
wcstok
iswxdigit
_controlfp
fclose
__set_app_type
wcstod
wcsstr
getenv
wcscspn
atol
isprint
strpbrk
srand
__p__fmode
__p__commode
fread
mbtowc
_amsg_exit
wcscoll
puts
towlower
_initterm
_acmdln
exit
_ismbblead
wcschr
_XcptFilter
wcscmp
wcslen
time
_exit
gets
toupper
swscanf
_cexit
strncmp
ungetc
wcsncmp
isspace
tolower
__setusermatherr
floor
__getmainargs

kernel32

IsDBCSLeadByteEx
FindCloseChangeNotification
GetSystemDirectoryW
CreateFileMappingA
CreateWaitableTimerW
VirtualProtect
CallNamedPipeW
GetCommState
WaitForMultipleObjects
CloseHandle
GetCompressedFileSizeW
lstrlenA
SetupComm
GetSystemDefaultUILanguage
HeapCreate
CreateFileMappingW
lstrlenW
GetCurrentThread
ReadConsoleInputA
WaitCommEvent
GetSystemWindowsDirectoryA
FoldStringW
GetFileSize
IsValidLanguageGroup
QueryPerformanceCounter
CompareStringW
GetTempPathA
MulDiv
QueryDosDeviceW
GetShortPathNameW
GlobalCompact
WriteFile
IsBadStringPtrW
GetCurrentProcessId
CreateWaitableTimerA
SizeofResource
FindResourceW
DeleteFileW
GlobalFlags
FreeLibrary
SetThreadPriority
IsValidLocale
SetNamedPipeHandleState
TlsGetValue
GetStringTypeExW
GetComputerNameExW
LCMapStringW
lstrcpyW
HeapUnlock
MoveFileExW
FindFirstFileA
SearchPathA

gdi32

SaveDC
GetCharWidth32W
SetDIBColorTable
RemoveFontResourceW
GetDIBColorTable
PtVisible
UnrealizeObject
GetCurrentObject
EndPath
SetBkColor
MoveToEx
GetTextExtentPointW
CreatePalette
EndPage
SetROP2
RestoreDC
ExcludeClipRect
GetTextExtentPoint32A
CreatePen
SetBkMode
Escape
GetDeviceCaps
StretchDIBits
RectInRegion
ExtTextOutW
SelectClipRgn
TextOutW
Rectangle
PatBlt
IntersectClipRect
ExtFloodFill
CreateRectRgnIndirect
SetPaletteEntries
GetViewportOrgEx
SetPixel
CreateBitmap
FillRgn
LPtoDP
GetPaletteEntries
CreateRoundRectRgn
DeleteDC
EnumFontFamiliesW
GetBkMode
PathToRegion
ExtTextOutA
SetWindowOrgEx

user32

KillTimer
CreateWindowExA
SetWindowTextA
EndTask
CreateCaret
CreateDialogParamW
DeferWindowPos
RegisterClassW
CharPrevW
GetCaretPos
GetSubMenu
GetDialogBaseUnits
CreatePopupMenu
DrawTextW
GetWindowTextLengthW
MapVirtualKeyExW
GetFocus
ShowWindow
IsIconic
CascadeWindows
CharToOemBuffA
ClipCursor
IsCharAlphaW
SetMenuItemBitmaps
RegisterClassExA
GetMenuStringW
GetClassNameW
DestroyCaret
GetMessageW
RemoveMenu
ToUnicodeEx
ShowScrollBar
ValidateRect
IsMenu
IsCharAlphaNumericW
InternalGetWindowText
SetClassLongW
SetWindowTextW
PeekMessageW
SetFocus
CharNextExA
SetWindowLongW
IsDlgButtonChecked
SetTimer
InsertMenuItemW
CopyRect
CreateDialogIndirectParamW
CreateCursor
AppendMenuW
GetDlgItem
LoadCursorW
GetKeyboardLayout
GetScrollRange
ClientToScreen
GetKeyState
GetClassInfoA
LoadIconA
GetMessagePos
AdjustWindowRect
CheckRadioButton
SetScrollInfo
CharUpperBuffW
SetParent
VkKeyScanW
GetScrollPos
IsZoomed
SendDlgItemMessageW
LoadMenuW
EnumChildWindows
DrawMenuBar
SetForegroundWindow
AdjustWindowRectEx
SystemParametersInfoA
UnloadKeyboardLayout
IsCharLowerA
CharPrevA
GetMessageTime
GetAsyncKeyState
DefWindowProcW
GetClassLongW
CharNextA
SetDlgItemInt
PostQuitMessage
GetDlgItemInt
LookupIconIdFromDirectory
GetClassInfoExW
ExitWindowsEx
GetShellWindow
GetMenuItemInfoW
EnableMenuItem
TileWindows
CharUpperA
LoadIconW
GetWindowTextW
GetNextDlgGroupItem
SendNotifyMessageW
MapWindowPoints
CheckMenuRadioItem
ChildWindowFromPointEx
RemovePropW
MessageBoxExA
SetCursor
GetMenuItemRect
CreateMenu
TranslateMessage
IsChild
GetWindowLongA
GetSystemMenu
RegisterWindowMessageA
CallWindowProcA

Exports

Exports

?CancelStateA@@YGKIF&U
?IsProviderEx@@YGKN&U
?InstallHeightA@@YGMKEPAKG&U
?RemoveDialogA@@YGDPAFMI&U
?RtlKeyName@@YGXGFF&U
?FormatStateExA@@YGPAGJPAJDE&U
?CallData@@YGPAHPAHH&U
?ModifyPenEx@@YGPAHPAIHPAMI&U
?LoadProject@@YGKPAMG&U
?SendTextExA@@YGPADKGGPAI&U
?CloseNameExA@@YGIPAMHPAJD&U
?RtlKeyNameOriginal@@YGPAMPAMI&U
?ModifyMediaTypeA@@YGDHFH&U
?FreeFolderPathExA@@YG_NPAG_NPAKN&U
?IncrementRectNew@@YGFH&U
?HideRectA@@YGXJFPAJPAI&U
?SendMutantExW@@YGMM_NJPAH&U
?GetSectionA@@YGPAIGPAG&U
?DeleteTextW@@YGPAMJPAH&U
?EnumHeader@@YGPAE_NJMPAF&U
?CopyProfileOriginal@@YGMPAEPAD&U
?GlobalWindowOld@@YGDPADPAEHN&U
?CopyClassExW@@YGXM&U
?InsertCharOriginal@@YGKJ&U
?GlobalFullNameOriginal@@YGKJPADPA_N&U
?InsertCommandLineExW@@YGPAMGI&U
?CancelScreenExA@@YGMD&U
?CallKeyNameW@@YGPAXEPANH&U
?CallRectOriginal@@YGNJJM&U
?LoadDateNew@@YGPAKPAKPAEJPAD&U
?DecrementProviderExW@@YGKI&U
?ModifyPointEx@@YGPAGEE&U
?EnumVersionEx@@YGMDJFPAM&U
?InsertCharNew@@YGGEPAHH&U
?ModifyFolderEx@@YGJMPAHD&U
?KillExpressionOriginal@@YGXHPAKIG&U

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdcc49c17a6a3c139d781e8c480e2b4b

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 71KB

.imdat Size: 1KB - Virtual size: 1KB

.edata Size: 1KB - Virtual size: 1KB

.vars3 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 71KB

.rsrc Size: 120KB - Virtual size: 120KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 71KB - Virtual size: 71KB

.imdat
Size: 1KB - Virtual size: 1KB

.edata
Size: 1KB - Virtual size: 1KB

.vars3
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 71KB

.rsrc
Size: 120KB - Virtual size: 120KB

.reloc
Size: 2KB - Virtual size: 1KB