4263c5c067589bc69a7d3e2029ff9c69_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4263c5c067589bc69a7d3e2029ff9c69_JaffaCakes118
Size

133KB
MD5

4263c5c067589bc69a7d3e2029ff9c69
SHA1

2945c990399d441d03b15e84701c85d21c1a00d4
SHA256

958a7f1f5a5128e0fefa4ae4e91582919f0033a8895277f80c1ad2d3998cc40c
SHA512

ae505d15dc828b46625f6de5ce5e1d1b6a38c5100d47dbe0db2eecf63da09da1d719c6daf1f6b91a2f99f187ef397f48fbad6bee403e0eaef55a6000b3c94c95
SSDEEP

3072:VCxRUckhaFmwPP5hj6OBmUYzlb/FnLB2+uCxsj:VBvaZ56O9ylb/Zl2ek

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4263c5c067589bc69a7d3e2029ff9c69_JaffaCakes118

Files

4263c5c067589bc69a7d3e2029ff9c69_JaffaCakes118
.exe windows:5 windows x86 arch:x86

19b2822aeeebc75a137782e5febc4d02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\nTecEnMP\dposxebrCirA\sZxtznrvjhxs\tyoyuDcqwbmeZl.pdb

Imports

user32

OpenDesktopW
CreateCaret
GetClassLongW
SwitchToThisWindow
IsCharAlphaW
CheckMenuItem
DrawFocusRect
EnumChildWindows
EnableScrollBar
AppendMenuA
wsprintfW
WaitForInputIdle
GetScrollRange
CharNextA
DragObject
RegisterWindowMessageW
SystemParametersInfoA
GetSystemMetrics
GetShellWindow
DeferWindowPos
AttachThreadInput
IsRectEmpty
GetWindowRect
CharLowerBuffW
GetFocus
CallWindowProcA
GetDialogBaseUnits
CharLowerW
SetCursorPos
IsZoomed
GetDC
MapWindowPoints
RegisterClassExW
ShowWindow
DispatchMessageA
GetSystemMenu
SetWindowTextW
DestroyWindow
SetPropW
LoadIconW
PeekMessageA
wvsprintfW
CreateIconIndirect
GetMenuItemID
LoadCursorW
UnionRect
MoveWindow
AdjustWindowRectEx
CallWindowProcW
IsChild
RegisterClassExA
SetDlgItemInt
GetWindowTextA
LoadStringW
FindWindowA
SetDlgItemTextW
GetWindowLongW
HiliteMenuItem
ActivateKeyboardLayout
RemovePropW
ChangeMenuW
EnableWindow
wsprintfA
ScreenToClient
GetPropW
GetMenuItemInfoW
OemToCharA
RegisterHotKey
InsertMenuItemW
GetIconInfo
CreateDialogIndirectParamW
LoadMenuW
GetMessageTime
GetClassNameW
GetDlgItemInt
CheckRadioButton
LookupIconIdFromDirectory
DefFrameProcW
ScrollWindow
GetMenuStringW
RegisterWindowMessageA
PostMessageA
GetScrollInfo
IsDlgButtonChecked
GetNextDlgGroupItem
CharNextExA
CharUpperA
GetDlgItemTextA
HideCaret
GetMenuStringA
GetKeyboardLayoutList
InsertMenuA
SetMenuItemBitmaps
DeleteMenu
LoadAcceleratorsW
InvalidateRect
MessageBoxExW
GetMenu
LoadAcceleratorsA
TrackPopupMenuEx
CharLowerA
IsDialogMessageA
GetDlgCtrlID
GrayStringW
FindWindowExW
CopyAcceleratorTableW
ChildWindowFromPointEx
DrawEdge
SetWindowPos
IsCharLowerA
SetScrollRange
LockWindowUpdate
GetParent
SetWindowLongW
CharToOemBuffA
DispatchMessageW
InsertMenuW

kernel32

LoadLibraryA
GetSystemWindowsDirectoryA
GetFullPathNameW
DeviceIoControl
MoveFileA
AddAtomA
DeleteFileW
EnumResourceTypesA
SetNamedPipeHandleState
LocalSize
GetNumberFormatA
GetVersion
EnumResourceLanguagesA
PulseEvent
IsDBCSLeadByteEx
GetPriorityClass
DuplicateHandle
GetSystemTimeAsFileTime
EnumSystemLocalesA
GetLastError
CreateDirectoryW
GetTempPathW
VirtualFree
CreateMailslotW
WaitCommEvent
OpenFileMappingW
GlobalMemoryStatusEx
GetSystemDirectoryA
SetErrorMode
QueryPerformanceCounter
GetFileAttributesW
lstrcmpW
ReleaseSemaphore
SetCommBreak
GetACP
lstrcmpiA
OpenEventA
GetModuleFileNameA
CreateDirectoryA
SetThreadLocale
CancelIo
GlobalFlags
CreateFileW
GetDateFormatA
HeapFree
CreateNamedPipeA
OpenEventW
FindFirstChangeNotificationW
CreateEventA
LCMapStringW
GetBinaryTypeW
SetCommTimeouts
GetTimeZoneInformation
GetThreadContext
DeleteCriticalSection
GetModuleHandleA
TryEnterCriticalSection

msvcrt

_controlfp
__set_app_type
isalnum
wcstok
fputc
wcscmp
iswalpha
clock
wcscoll
wcscspn
getc
free
__p__fmode
__p__commode
isprint
ungetc
fgets
setlocale
perror
iswctype
wcsrchr
clearerr
_amsg_exit
remove
wcstombs
_initterm
wcsncmp
wcstod
malloc
bsearch
towupper
gets
realloc
strncmp
gmtime
time
strtol
_acmdln
mbtowc
exit
_ismbblead
_XcptFilter
fread
_exit
isdigit
system
_cexit
__setusermatherr
__getmainargs

gdi32

SelectClipRgn
GetDIBColorTable
GetTextExtentExPointW
UnrealizeObject
GetSystemPaletteUse
CreateRectRgn
Ellipse
ResizePalette
SetDIBitsToDevice
CreateRoundRectRgn
ScaleWindowExtEx
ExcludeClipRect
PatBlt
GetMapMode
GetFontData
GetTextExtentPointW
Escape
Polyline
SetStretchBltMode
SetWindowExtEx
SetTextAlign
CreateFontW
CreateBitmap
SetROP2
CreateEllipticRgnIndirect
GetTextMetricsA
CreateICW
CreateHalftonePalette
DeleteObject
CreatePenIndirect
GetTextExtentPointA
PtVisible
RectInRegion
LineTo
GetTextAlign
Rectangle
CreateCompatibleDC
SetDIBColorTable
RemoveFontResourceW
GetStockObject
EndDoc
MoveToEx
GetNearestPaletteIndex
CreatePatternBrush
RealizePalette
CreateDIBSection
TextOutA
LineDDA
EnumFontFamiliesW
DeleteDC

shlwapi

StrChrIA

comctl32

PropertySheetA
ImageList_Read
CreateStatusWindowW
DestroyPropertySheetPage
PropertySheetW
ImageList_Draw

Exports

Exports

?IncrementDirectoryNew@@YGHPAI]A
?RemovePathExW@@YGJHKGPAK]A
?RemoveFilePath@@YGEM]A
?SendPointEx@@YGNFGE]A
?CrtMutantW@@YG_NPA_N]A
?SendMutexOriginal@@YGJPAHH]A
?RemoveConfigA@@YGPANJI]A
?OnTimerExA@@YGPA_NPAE]A
?GetStringNew@@YGKK]A
?IsTaskNew@@YGPAF_NPAEJ]A
?GlobalData@@YGEKGPAMF]A
?IsValidPathExW@@YGJPAGPAEKPAK]A
?KillListEx@@YG_NJPAJ]A
?CloseTimerEx@@YGEM]A
?GlobalState@@YGPAXPAFPAKPAH]A
?CopyValueExW@@YGMNPAM]A
?GenerateMediaTypeW@@YGEJG]A
?RtlMutantOld@@YGPAFFPADPADE]A
?IsMonitorOld@@YGDPA_N]A
?CallProject@@YGXPAMPAK]A
?InsertObjectNew@@YGJPAH]A
?GlobalSizeOld@@YGPAKIIPA_NPAN]A
?IsNotTextA@@YGGIHK]A
?DecrementStringOld@@YGPANPAFM]A
?LoadOption@@YGHJ]A
?GlobalAppNameNew@@YGPANPAF]A
?IsScreenEx@@YGEDPAKPAMM]A
?CopyCharEx@@YGIJPADPA_N]A
?CallDeviceOld@@YGPAXM]A
?ValidateVersionOld@@YGKGFPAKPAG]A
?FindFilePathNew@@YGM_NMDPAK]A
?InstallClassNew@@YGPAJIG]A
?OnListOld@@YGJH]A
?InsertClassOld@@YGPAKPAFPAKK_N]A
?InvalidateThreadW@@YGXPAMPAE]A
?ShowDateTime@@YGJGDPAEPAN]A
?CrtEventExA@@YGXF]A
?DeleteTimerA@@YGMJPAJ]A
?FindSystemOld@@YGPAXPAK]A
?ValidateTaskOld@@YGDGPAMJPAH]A
?InstallTextExW@@YGHPAI]A
?EnumDateW@@YGFI]A
?CopyKeyNameExW@@YGKG]A
?CloseSystemExA@@YGHEPA_NN]A
?ModifySectionNew@@YGDF]A
?AddMediaTypeExA@@YGHM]A
?GetMutexEx@@YGDIPAM]A
?CallModuleExW@@YGNPAMPAG]A
?GetFolderOld@@YGXKNN]A
?IsNotSystemOld@@YGXIK]A
?CallStringNew@@YGPAIPANPAFK]A
?IsList@@YGXE]A
?InvalidateKeyboardOld@@YGKPAFGMK]A
?CopyModuleNew@@YGEPAM]A
?RtlScreenW@@YG_NPAMDPA_NG]A
?KillListOriginal@@YGEMPAMPADN]A
?LoadVersionExW@@YGJG]A
?CrtFunctionNew@@YGEPAIDPAF]A
?GlobalTimerExA@@YGPAGNJKG]A
?FreeRectOriginal@@YGPAFPAMMJPAF]A
?IsMessageEx@@YGPAHENJ]A
?RemoveComponentExW@@YGHPAHPAEPA_N]A
?CrtValueExA@@YGFMKG]A
?FormatWindowInfoOriginal@@YGKPAMGPADPAM]A
?SendWidthExA@@YGPAFEHPAE]A
?ModifyAppNameOld@@YGKPAHPAHFG]A
?ModifyEventA@@YGPAIIMK]A
?SetAppNameA@@YGNE]A
?PutTimerOld@@YGDPAH_NPA_NG]A
?KillSizeExA@@YGPAHE]A
?FindObjectOld@@YGEPAI]A
?ModifyKeyNameW@@YGJ_NPAK]A
?CopyScreenNew@@YGFJPAEFE]A
?RemoveFileExW@@YGPAIHEF]A
?EnumMonitorEx@@YGPA_NDJ]A
?ValidateConfigExA@@YGXH]A
?SetDirectoryW@@YGPAFMPAF]A
?FormatAnchorNew@@YGMM]A
?IsNotSystemNew@@YGPAGPAH]A
?OnFolderExW@@YGPAEPAGNE]A
?InsertSemaphoreNew@@YGPAGF]A
?GetListItemA@@YGGFH_NPAI]A
?FormatListOld@@YGPAMMFGE]A
?CallTimeExA@@YGPADFDFI]A
?DecrementFilePath@@YGFPANHMJ]A
?CloseCommandLineExA@@YGXDPANJD]A
?RtlPointExW@@YGXHPADI]A
?SizeExW@@YGN_NHF]A
?CopyArgumentW@@YGPAKMEI]A
?ShowCharOld@@YGDGKE]A
?FormatFolderNew@@YGHPAJEDG]A
?RemoveSectionOld@@YGGFG]A
?CommandLineExW@@YGHPAGH]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?ShowMemoryOld@@YGXPADK]A
?InstallDeviceEx@@YGPAEJI]A
?EnumPointerA@@YGPANM]A
?ValidateFolderPathExA@@YGMFPANK]A
?HideMessageEx@@YG_NIPAJHPAJ]A
?KillDateEx@@YGIM_NPAD]A
?GlobalSectionOriginal@@YGPANJPAKIE]A
?CloseProviderOld@@YGXPAEFE]A
?ModifyEventOriginal@@YGPAFPAKD]A
?FindMonitorA@@YGXGE]A
?ValidateAnchor@@YGPAMKPAJPAG]A
?FormatKeyboardExA@@YGMPAGPAFMK]A
?IsValidMemory@@YGPANHD]A
?SetConfigEx@@YGHIPAGPAJ]A
?InvalidateFileExA@@YGPAGPAM]A
?RemovePathExA@@YGXPAEM]A
?AddAppNameExA@@YGGEKHPAD]A
?IsWindowInfoA@@YGKF]A
?InstallDirectory@@YGXFNPAKH]A
?CrtData@@YGXNI]A
?InvalidateDateExW@@YGPAXDPAMM]A
?InstallListItemOriginal@@YG_NPAIPADDH]A
?RtlTaskExW@@YGPAXD]A
?GlobalArgumentEx@@YGHPAEPAM]A
?PointExW@@YGXPAFEG]A
?FreeConfig@@YGPADPAGIFPAF]A
?ShowDeviceNew@@YGJPAJI]A
?RemoveStateExA@@YGIPAGFKG]A
?IsTimerEx@@YGIEDEPAH]A
?RtlHeightA@@YGPAKPAJ]A
?LoadFolderNew@@YGDK]A
?CrtFolderOld@@YGIHDFE]A
?IsValidProfileExW@@YGPAIIJG]A
?GlobalHeightEx@@YGIPAE_NH]A
?ValidateWidthOriginal@@YGPAXHIPAM]A
?ShowCharEx@@YGIJPAFKPAN]A
?CloseDeviceOld@@YGIG]A
?CopyArgument@@YGPAIFJDPAF]A
?PutMessageExW@@YGPAEPAGHK]A
?DeleteMutexNew@@YGHHPAM]A
?AddDataW@@YGPAXGK]A
?RemoveFile@@YG_N_NPA_N]A
?ModifySystemEx@@YGDPAGD]A
?FindScreenExA@@YGHPAIH]A
?InstallDateTimeNew@@YGFF_N]A
?RtlModuleEx@@YGPADE]A
?CopyThreadExW@@YGPAMEPAK]A
?KillNameW@@YGPAHPAJJPAFF]A
?FormatMutexEx@@YGJFPAMGJ]A
?ModifyProjectW@@YGPAKHD]A
?RemoveMediaTypeEx@@YGPAHF]A
?InsertFolderPathExW@@YGNJPAKHM]A
?IsSectionExA@@YGHPAEHPA_N]A
?AddRectEx@@YGPAMKH]A
?InstallExpressionNew@@YGPAXPADPA_NM]A
?InvalidateEventOld@@YGPAD_NE]A
?CancelProfileExA@@YGPAJEPAMPAEF]A
?FreeProjectW@@YGDPA_N]A
?AddCommandLineOriginal@@YGXPAFPAJ]A
?DeleteDialogA@@YGKFPAIPAF]A
?CloseCharW@@YGHPANGJG]A
?ValidatePointerOld@@YGDGPAKG]A
?CancelPathEx@@YGX_NPAHJE]A
?RtlProviderExA@@YGPAFPAGEG]A
?FormatTimeA@@YGPAXPAKFJH]A
?CopySystem@@YGPADPAH]A
?IsValidTaskA@@YGPAFIPA_NPAKPAJ]A
?OnMediaTypeExA@@YGGPAFE]A
?ShowDeviceOld@@YG_NGPA_NPAED]A
?LoadSemaphore@@YGPAXD]A
?IsNotMutantNew@@YGXNNGI]A
?AddRect@@YGPAEGI]A
?SetFileOld@@YGXNPAMPAE]A
?LoadSizeOriginal@@YGXPAIJPAMN]A
?GeneratePointer@@YGPAIKPAG]A
?EnumDataW@@YGEPAFPAIPAH]A
?FormatKeyName@@YGMN]A
?GetClass@@YGFFDPA_N]A
?CrtExpressionExW@@YGPAX_N]A
?DecrementStringExA@@YGDPAE]A
?RtlFolderPathOld@@YGIMDHF]A
?IsWindowInfoEx@@YGEJ]A
?IncrementThreadEx@@YGXJPAGM]A
?GetKeyNameExA@@YGGPAJN]A
?RemoveAppNameW@@YGJJ]A
?ShowKeyNameNew@@YGPAGPANPAFI_N]A
?ModifyMediaType@@YGHNE]A
?OnExpressionNew@@YGGPAHHPA_N]A
?KillScreenA@@YGJPAJJMH]A
?LoadModuleW@@YGMN]A
?IsTaskOld@@YGXFPAEJPAF]A
?CallCharExW@@YGPAN_NPAJE]A
?HideTextA@@YGGPAMN]A
?FreeRectExW@@YGXKPAIFF]A
?IsDateW@@YGH_NPADG]A
?ModifyComponent@@YGXPAH]A
?IsValidConfigW@@YGGF]A
?InstallSemaphoreExW@@YGGGDJN]A
?EnumStateExW@@YGFPAEMI]A
?GetThreadA@@YGNDPAGPAE]A
?AddStringExW@@YGKDMPAH]A
?SendPath@@YGPAGPA_NPAEM]A
?DecrementNameW@@YGPAEMF]A
?IsFunctionA@@YGHJJI]A
?IsNotOption@@YGIPAMEM]A
?GlobalKeyboardExW@@YGPA_NGG]A
?EnumScreenExA@@YGGGKPA_NG]A
?LoadScreenOld@@YGDGPAFPAN]A
?DecrementPointExA@@YGHH]A
?SetSystemW@@YGI_NME]A
?DeleteHeightW@@YGIKPAGEPAE]A
?GlobalProcess@@YGJJEI]A
?IncrementModuleOld@@YGDKGF]A
?AddSystemExW@@YGMPAEKNPAG]A

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zimp
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19b2822aeeebc75a137782e5febc4d02

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

gdi32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.zimp Size: 6KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 42KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.zimp
Size: 6KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 42KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 1KB - Virtual size: 1KB