40f45ef4424498fb9df7ec8efb5b9c9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40f45ef4424498fb9df7ec8efb5b9c9d_JaffaCakes118
Size

158KB
MD5

40f45ef4424498fb9df7ec8efb5b9c9d
SHA1

dfbdd7ac3a737206c7faa3c7690efd2bc8cbadcd
SHA256

36dc45dee89b6df9eb0b40c640c7fad66ea97a359615cdd3210913a791ea7c42
SHA512

ff4b6e4e61883e0e8a28fe6249ed0f23b81a3c90ffa059313dcc7e29f7698fc2cbbe313c13815ef0491c08d2c63f33b362f941c409cefd5cd0cf40c0643a1a24
SSDEEP

3072:NoQDs0eyO2n5S/vy+qawEj2YtvixPhdjJLuf7WIhpzi21:mqHQ/vfRjJix/d6fBi21

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40f45ef4424498fb9df7ec8efb5b9c9d_JaffaCakes118

Files

40f45ef4424498fb9df7ec8efb5b9c9d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

488922af77a7bb8f428e8b98bac8308b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\hZpryhYpewx\KBpeuKWkv\dykoyywlxQ\zhyrwaHXXfg\zezazqaJufxvn.pdb

Imports

user32

ShowWindowAsync
IsCharUpperA
LoadBitmapW
GetMenu
PostQuitMessage
SendMessageTimeoutW
WaitForInputIdle
ShowCursor
InternalGetWindowText
FindWindowExA
wsprintfA
EqualRect
OpenDesktopW
IsWindowVisible
GetDlgItemTextW
IsCharLowerA
FindWindowExW
SetScrollPos
RegisterClassExA
DrawMenuBar
wsprintfW
CharUpperBuffW
AdjustWindowRectEx
GetClassLongA
EnableScrollBar
CreateAcceleratorTableW
ModifyMenuW
SetRectEmpty
SetDlgItemTextW
RemovePropW
GetForegroundWindow
MessageBoxA
IsDialogMessageW
CreateCaret
wvsprintfA
IsWindowEnabled
IsCharAlphaW
IsRectEmpty
SetWindowLongA
GetKeyNameTextW
GetMenuCheckMarkDimensions
SendInput
DrawTextExW

gdi32

GetDeviceCaps
SetDIBitsToDevice
GetCharWidth32W
SetBkMode
Ellipse
CreateCompatibleDC
GetStockObject
CreateCompatibleBitmap
ResizePalette
SetAbortProc
RectInRegion
SetViewportExtEx
GetBitmapBits
RestoreDC
GetTextExtentPoint32A
TranslateCharsetInfo
CreateBitmap
PathToRegion

kernel32

SetEndOfFile
GlobalLock
SizeofResource
MoveFileA
SetFileAttributesA
WaitForMultipleObjectsEx
HeapAlloc
SetHandleCount
IsBadWritePtr
GetProcessHeap
PulseEvent
GlobalMemoryStatusEx
LoadLibraryW
DeleteFileA
FindResourceExA
RaiseException
GetModuleHandleW
GetSystemDirectoryA
HeapFree
CreateMutexA
SetLastError
ConnectNamedPipe
FindResourceW
LoadLibraryExA

shlwapi

StrToIntA
PathRemoveBlanksW
StrNCatA

comdlg32

GetOpenFileNameA
GetFileTitleW
ChooseFontW
GetOpenFileNameW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
getc
printf
strcspn
_amsg_exit
_initterm
_acmdln
exit
wcstod
_ismbblead
_XcptFilter
gets
_exit
malloc
setvbuf
_cexit
__setusermatherr
wcscpy
isprint
system
__getmainargs
strncpy
sprintf
strtoul

comctl32

CreatePropertySheetPageW
ImageList_Destroy
ImageList_GetIcon

Exports

Exports

?SetConfig@@YGXH*Z
?GlobalPenExA@@YGXPAJE*Z
?RemoveDataW@@YGMPAHPAI*Z
?InvalidateFileExA@@YGHPA_N*Z
?ValidateDate@@YGHDPAJ*Z
?IsNotDirectoryOriginal@@YGJPAI*Z
?Argument@@YGFPAINPAK*Z
?AddExpressionNew@@YGPAHPAM*Z
?KillConfig@@YGFH*Z
?IncrementSectionW@@YGPANDPAKPAH*Z

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ditxt
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dimp
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvr
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dcode
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

488922af77a7bb8f428e8b98bac8308b

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

shlwapi

comdlg32

msvcrt

comctl32

Exports

Exports

Sections

.text Size: 129KB - Virtual size: 128KB

.ditxt Size: 1024B - Virtual size: 516B

.dbug Size: 512B - Virtual size: 28B

.dimp Size: 3KB - Virtual size: 2KB

.dbg Size: 512B - Virtual size: 90B

.dvr Size: 512B - Virtual size: 140B

.dpt Size: 1024B - Virtual size: 823B

.dcode Size: 12KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 71KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 129KB - Virtual size: 128KB

.ditxt
Size: 1024B - Virtual size: 516B

.dbug
Size: 512B - Virtual size: 28B

.dimp
Size: 3KB - Virtual size: 2KB

.dbg
Size: 512B - Virtual size: 90B

.dvr
Size: 512B - Virtual size: 140B

.dpt
Size: 1024B - Virtual size: 823B

.dcode
Size: 12KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 71KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 1KB