41066b6237f993ee01b42bbc08db67b1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

41066b6237f993ee01b42bbc08db67b1_JaffaCakes118
Size

143KB
MD5

41066b6237f993ee01b42bbc08db67b1
SHA1

9ac0d606583a8ac66711b13b7a954844ccb4a065
SHA256

7bba585f2d345f42844e5493f5c2434d66e8ed1a24c3fcfc774eb043e892cd7c
SHA512

49efa31a3a337be79a9afa899eb5c0898ff3d63e35fb35b5d6d535e8ccbe6136b57a5fbcb9f98b0bdefbbcac9e5c4f304b7a44b83966ea8e40df9bab545a9905
SSDEEP

3072:L3WpmI43YP7bLdux8Lgnc/LnDb9EP3u75yOZyg:rWpmZITbLD/LnSy5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41066b6237f993ee01b42bbc08db67b1_JaffaCakes118

Files

41066b6237f993ee01b42bbc08db67b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dc02b007b2400dfedd382ebf90581d8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\rseVyhb\mxoyKni\hmUoiuwn.pdb

Imports

user32

MapWindowPoints
LockWindowUpdate
GetCursorPos
GetMenu
GetActiveWindow
IsMenu
GetNextDlgGroupItem
SetWindowRgn
OffsetRect
OpenInputDesktop
RegisterClassA
ShowScrollBar
GetAsyncKeyState
keybd_event
IsCharAlphaNumericW
GetSubMenu
BringWindowToTop
GetWindowTextW
GetCaretPos
SetSysColors
RemoveMenu
TranslateAcceleratorA
CopyRect
GetMonitorInfoW
MonitorFromRect
DrawTextA
DeleteMenu
RegisterHotKey
GetMessageW
PostMessageA
UnloadKeyboardLayout
InsertMenuW
WindowFromPoint
GetClassLongW
ReleaseDC
ArrangeIconicWindows
SetRectEmpty
IsWindowEnabled
GetClassInfoExA
GetShellWindow
SetActiveWindow
CharNextExA
DestroyAcceleratorTable
SwitchToThisWindow
LoadBitmapA
SystemParametersInfoW
VkKeyScanW
SetUserObjectInformationW
GetWindowLongW
GetFocus
DrawAnimatedRects
DefWindowProcW
SetMenuItemInfoW
SendMessageTimeoutA
GetKeyboardLayoutNameW
GetMessageExtraInfo
GetDialogBaseUnits
ActivateKeyboardLayout
RemovePropW
SendInput
CallWindowProcA
FindWindowA
GetDlgItemInt
GetDlgItemTextA
SendDlgItemMessageA
InSendMessageEx
EndPaint
SetWindowTextA
CharLowerA
RegisterClassExA
GetDlgItem
SetCursorPos
GetScrollRange
GetMessagePos
WaitForInputIdle
GetScrollInfo
DrawStateA
GetUpdateRgn
InvalidateRgn
GetUserObjectInformationW
SetDlgItemInt
LoadIconW
DestroyCursor
LoadMenuA
DrawIconEx
DrawFocusRect
CharLowerW
GetMenuState
AllowSetForegroundWindow
EnableWindow
GetClassInfoA
AdjustWindowRectEx
SetWindowPos
SetTimer
IsZoomed
CreatePopupMenu
GetWindowPlacement
GetClassLongA
ShowWindow
GetKeyState
ClipCursor
CheckRadioButton
DialogBoxParamW
CreateWindowExW
CreateMenu
RegisterWindowMessageW
InflateRect
HideCaret
IsRectEmpty
CreateWindowExA
PeekMessageA
SetPropW
ShowWindowAsync
SendNotifyMessageW
MapVirtualKeyExW
DialogBoxParamA
PostThreadMessageW
EnableScrollBar
TrackPopupMenuEx
ValidateRect
FrameRect

shlwapi

PathIsUNCA

msvcrt

fprintf
fflush
strpbrk
fseek
wcscat
gets
strrchr
bsearch
towupper
_controlfp
printf
isspace
isupper
swscanf
__set_app_type
wcsrchr
fputs
calloc
time
perror
__p__fmode
__p__commode
_amsg_exit
strncmp
iswctype
free
malloc
wcstoul
wcspbrk
strncpy
mbtowc
_initterm
_ismbblead
strchr
_XcptFilter
getc
strtok
memset
atol
wcstod
puts
_exit
ungetc
_cexit
wcscoll
__setusermatherr
__getmainargs
getenv
strspn

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseColorW
ChooseFontW

kernel32

GetOverlappedResult
OpenFileMappingA
IsBadReadPtr
LoadLibraryExA
ResetEvent
SetSystemTimeAdjustment
lstrlenW
lstrcpyA
HeapValidate
FormatMessageW
SetTimerQueueTimer
CreateSemaphoreW
HeapAlloc
GetThreadTimes
TerminateThread
EnumResourceNamesA
GetCommState
GetWindowsDirectoryA
LockFile
GetLastError
GetAtomNameW
CloseHandle
CreateFileMappingW
GetFileAttributesW
MapViewOfFile
SetLocalTime
GetNumberFormatA
GetFullPathNameW
SetThreadExecutionState
lstrcpynW
GetFileTime
GetFileType
GlobalDeleteAtom
FlushFileBuffers
GetLocaleInfoA
SearchPathA
SetPriorityClass
GetSystemDirectoryA
CreateFileMappingA
OpenFile
TlsFree
GetUserDefaultUILanguage
GetCompressedFileSizeW
CreateNamedPipeA
GlobalMemoryStatusEx
CreateFileA
ConvertDefaultLocale
EnumResourceLanguagesA
GetPriorityClass
HeapFree
IsValidLanguageGroup
HeapWalk
WriteFile
GetFileAttributesExA
EnumSystemLocalesA

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc02b007b2400dfedd382ebf90581d8e

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

msvcrt

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 512B - Virtual size: 123KB

.ips3 Size: 1024B - Virtual size: 704B

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 31KB - Virtual size: 31KB

.rsrc Size: 76KB - Virtual size: 75KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 512B - Virtual size: 123KB

.ips3
Size: 1024B - Virtual size: 704B

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 76KB - Virtual size: 75KB

.reloc
Size: 2KB - Virtual size: 1KB