41b25ae2f6720e53c70ccff4436d7088_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41b25ae2f6720e53c70ccff4436d7088_JaffaCakes118
Size

207KB
MD5

41b25ae2f6720e53c70ccff4436d7088
SHA1

4d69665aebde7cf993a51a6a0f367c51a92b6c16
SHA256

3270029a67c0b8e4d4e2db866ef4f239fbcb0f9dc8dcb0ae11df4b42b0bcabd3
SHA512

332ed0034e82045d960bdbf200f04c9ecb5c2d0213e92138306808480fc70fcfced07f1b3667b77f511dff23d1e39429c156f95f850a239a9db4ea9d565467fa
SSDEEP

6144:PVChev67PaQZz9KLe56JK54ZdO3LXgYo+J:dAiQZz9ye54KaHO7wWJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41b25ae2f6720e53c70ccff4436d7088_JaffaCakes118

Files

41b25ae2f6720e53c70ccff4436d7088_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fbb61b198c827ba931b5a007d0b3f6ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\vrzrBtvruxqjr\xvDvtumgxspr\AuYsdpGlwjp.pdb

Imports

gdi32

GetBkMode
GetPixel
CreateBitmap
CreateDIBitmap
BitBlt
CreateRoundRectRgn
ResizePalette
GetTextMetricsW
RectInRegion
CreateFontW
EndDoc
ExtFloodFill
AddFontResourceW
CreatePatternBrush
Polygon
StartPage
LineTo
CreatePolygonRgn
TranslateCharsetInfo
GetTextFaceW
StretchBlt
CreateFontIndirectW
GetTextExtentPointW
SetMapMode
CombineRgn
GetTextCharsetInfo
GetTextColor
CreateCompatibleDC
CreateSolidBrush
GetDIBits
GetStockObject
EnumFontFamiliesW
MoveToEx
CreateRectRgn
RectVisible
SelectClipRgn
GetPaletteEntries
SaveDC
CreatePenIndirect
GetTextExtentPointA
SetViewportOrgEx
SetBrushOrgEx
GetSystemPaletteEntries
SetTextColor
ScaleViewportExtEx
SetAbortProc
BeginPath
SetBkMode
LPtoDP
SelectObject
SetWindowExtEx
GetTextExtentPoint32W
GetMapMode

msvcrt

perror
iswxdigit
_controlfp
isxdigit
sprintf
strtoul
malloc
wcstod
__set_app_type
__p__fmode
wcstol
realloc
getenv
__p__commode
strncmp
mktime
putchar
_amsg_exit
wcslen
tolower
wcscspn
wcstombs
islower
swscanf
_initterm
_acmdln
puts
vswprintf
atol
strpbrk
exit
clearerr
ftell
_ismbblead
iswspace
memset
strspn
isdigit
iswctype
iswalpha
wcscat
isprint
_XcptFilter
_exit
_cexit
isalpha
__setusermatherr
isspace
__getmainargs
fseek
getc

user32

MonitorFromPoint
IsWindowEnabled
GetWindowPlacement
SetMenuItemBitmaps
SetWindowTextW
ShowCursor
GetClassInfoExA
ShowCaret
RegisterClassA
ActivateKeyboardLayout
PtInRect
EnableScrollBar
FindWindowW
HiliteMenuItem
OemToCharA
IsChild
LoadImageW
InvalidateRect
ChangeMenuW
AllowSetForegroundWindow
LoadIconW
SetMenuItemInfoW
DrawEdge
SetTimer
GetMessageA
ReleaseDC
KillTimer
LoadAcceleratorsA
GetDCEx
GetCaretPos
GetDlgItemInt
CharNextA
GetMenuCheckMarkDimensions
WaitForInputIdle
DestroyMenu
InsertMenuItemW
BringWindowToTop
WindowFromPoint
SendMessageTimeoutW
GetKeyboardLayoutList
MessageBoxExW
GetClassInfoA
AttachThreadInput
GetClassLongA
UnionRect
CharNextExA
GetWindowTextA
GetNextDlgGroupItem
GetFocus
RegisterClassExA
CharToOemBuffA
IsWindow
OpenInputDesktop
IsMenu
CharToOemA
GetMessageExtraInfo
RegisterWindowMessageW
LoadIconA
IsDialogMessageA
MonitorFromRect
AppendMenuA
DestroyIcon
FindWindowExW
ValidateRect
PostQuitMessage
LoadMenuW
IsIconic
ToUnicodeEx
IsRectEmpty
GetDlgItemTextA
GetParent
ShowOwnedPopups
GetMessagePos
FindWindowExA
ScrollWindow
SetLastErrorEx
GetNextDlgTabItem
SetForegroundWindow
SendMessageTimeoutA
TranslateAcceleratorW
GetWindowDC
GetActiveWindow
LoadImageA
GetUpdateRect
MessageBoxExA
DrawMenuBar
DrawFocusRect
SendMessageA
ScrollWindowEx
SetRect
GetSubMenu
SetCursor
RegisterClassW
GetSystemMetrics
wsprintfW
PostMessageA
GetWindow
GetMenuStringA
SetCursorPos
ShowWindowAsync
MoveWindow
InvertRect
UnloadKeyboardLayout
DialogBoxParamW
SetScrollRange
wsprintfA
CreateCaret
DefFrameProcA
OffsetRect
BeginPaint
GetClientRect
IsDialogMessageW
GetLastActivePopup
DestroyAcceleratorTable
GetMonitorInfoW
LoadCursorA
VkKeyScanW
AppendMenuW
ScreenToClient
SetWindowPos
GetDlgCtrlID
GetMenuItemRect
GetScrollPos
AdjustWindowRect
BeginDeferWindowPos
SendDlgItemMessageA
DialogBoxParamA
UpdateWindow
EqualRect
DefWindowProcA
OemToCharBuffA

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetFileTitleW
GetOpenFileNameA
ChooseColorW

kernel32

GetAtomNameW
lstrcatA
Sleep
ExitThread
CompareStringW
GetUserDefaultLCID
GetThreadPriority
GetComputerNameA
GlobalSize
SetPriorityClass
GetModuleHandleA
lstrcpynA
GlobalFindAtomW
LeaveCriticalSection
OpenEventA
GetShortPathNameW
SetFileAttributesA
FormatMessageW
ResumeThread
GlobalFlags
GetNumberFormatW
GlobalHandle
GetCommModemStatus
ReadFile
MultiByteToWideChar
ResetEvent
FreeLibrary
SetFileTime
lstrcmpiW
GlobalAlloc
ConvertDefaultLocale
GetOEMCP
MulDiv
LocalLock
TlsSetValue
GetSystemDefaultUILanguage
TransactNamedPipe
GetFileInformationByHandle
GlobalAddAtomW
GetTimeFormatW
IsValidLanguageGroup
GetLocalTime
lstrcmpiA
LCMapStringW
GetBinaryTypeA
SetFileAttributesW
ClearCommError
CreateNamedPipeW
LoadLibraryA
LoadLibraryW
VirtualAlloc
GetModuleFileNameA
GetSystemDefaultLangID
CreateDirectoryW
DefineDosDeviceW
SystemTimeToFileTime
GetStdHandle
DeleteAtom
SuspendThread
SetThreadAffinityMask

Exports

Exports

?EnumFolderOriginal@@IJPA_NPAKKPAIG@X
?InvalidateProcessOriginal@@IJEPAEHPAHD@X
?IsNotVersionA@@IJHPAKJPAG@X
?IsKeyboardEx@@IJEPANPA_NPAE@X

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cfg1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pcode
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg3
Size: 512B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbb61b198c827ba931b5a007d0b3f6ef

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

user32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 124KB

.import Size: 1KB - Virtual size: 1KB

.rdata Size: 6KB - Virtual size: 6KB

.cfg1 Size: 512B - Virtual size: 44B

.pcode Size: 13KB - Virtual size: 12KB

.cfg2 Size: 512B - Virtual size: 44B

.cfg3 Size: 512B - Virtual size: 386B

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 55KB - Virtual size: 54KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 124KB - Virtual size: 124KB

.import
Size: 1KB - Virtual size: 1KB

.rdata
Size: 6KB - Virtual size: 6KB

.cfg1
Size: 512B - Virtual size: 44B

.pcode
Size: 13KB - Virtual size: 12KB

.cfg2
Size: 512B - Virtual size: 44B

.cfg3
Size: 512B - Virtual size: 386B

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 55KB - Virtual size: 54KB

.reloc
Size: 2KB - Virtual size: 2KB