428bac8eff36fbec68442983b5f5a330_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

428bac8eff36fbec68442983b5f5a330_JaffaCakes118
Size

144KB
MD5

428bac8eff36fbec68442983b5f5a330
SHA1

3ece256bfb3880c74d16e0e4e699538e565c51f4
SHA256

370055207e24f45a93550bdd929f7be67847a068afea20ed1c0eded9288f6b37
SHA512

d28239ce4aca4b1e8936f377352a6d97bba91b9d0ded2eaf59ae360459de930369241f127c6b4411d232579da2b5568231ed9e3190916e9390063f72709a5e69
SSDEEP

3072:wvaRPT81AYB/WFcATg86ycyAKym2hXnHKIegZXi:ScbwB/WFcAN6yvZShXnHKIe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
428bac8eff36fbec68442983b5f5a330_JaffaCakes118

Files

428bac8eff36fbec68442983b5f5a330_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d104cd139e9986eff8765fdb2c26c021

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\ltpYlvgKzezEA\YzxtXnbup\zjyxnbx\aplLwDcPMsyl.pdb

Imports

kernel32

IsBadCodePtr
GetAtomNameW
GlobalAddAtomA
RemoveDirectoryW
AddAtomW
SetLastError
GetFileAttributesExA
lstrlenA
GetTimeFormatA
SetHandleCount
GlobalFree
GetCurrentThread
SetCommBreak
FreeResource
SearchPathA
IsBadReadPtr
SetupComm
OpenFile
GetSystemDefaultUILanguage
GetLocalTime
DuplicateHandle
GetSystemWindowsDirectoryW
ExitThread
CreateSemaphoreA
FindCloseChangeNotification
DeviceIoControl
GetTempPathA
RaiseException
CopyFileW
GlobalAddAtomW
EnumResourceLanguagesA
GetDateFormatW
ConvertDefaultLocale
FlushFileBuffers
FormatMessageA
GetThreadLocale
TlsFree
GetVersionExA
HeapUnlock
MoveFileW
GetFileType
OpenFileMappingA
SetNamedPipeHandleState
SetSystemTime
lstrcpyA
SetEndOfFile
GetBinaryTypeA
CreateEventW
CreateWaitableTimerW
ResetEvent
LocalSize
SetThreadAffinityMask

comctl32

ImageList_Read
PropertySheetW
ImageList_ReplaceIcon
PropertySheetA
ImageList_Remove
CreateToolbarEx

msvcrt

wcstok
free
wcscoll
putchar
swscanf
_controlfp
fclose
setvbuf
__set_app_type
isprint
qsort
vswprintf
srand
clearerr
strstr
__p__fmode
__p__commode
sprintf
ftell
_amsg_exit
towlower
_initterm
toupper
_ismbblead
_XcptFilter
fprintf
wcscat
puts
_exit
wcslen
fgetc
wcstod
_cexit
fflush
__setusermatherr
malloc
floor
isupper
printf
memset
fputc
iswprint
strspn
wcscspn
putc
isalnum
__getmainargs
realloc
fgets
strcpy

shlwapi

PathIsUNCA

comdlg32

PageSetupDlgW
PrintDlgW
GetOpenFileNameW
CommDlgExtendedError
GetFileTitleW
ReplaceTextW

user32

ValidateRect
FindWindowExW
SetWindowTextW
GetMonitorInfoW
OpenDesktopW
SwitchToThisWindow
EnumChildWindows
TileWindows
EqualRect
GetIconInfo
GetClassLongW
LockWindowUpdate
ShowCaret
RegisterClassExA
GetNextDlgGroupItem
SendMessageTimeoutA
DrawStateW
OpenIcon
DefFrameProcW
CreateCaret
GetActiveWindow
GetSystemMenu
CharToOemW
IsCharUpperA
GetMessageExtraInfo
CharNextW
IsCharAlphaNumericW
IsDialogMessageW
DestroyCursor
CharToOemBuffA
InvalidateRect
GetDlgItemTextA
OemToCharBuffA
ToUnicodeEx
InSendMessageEx
VkKeyScanW
GetKeyState
CharNextA
TranslateMessage
GetDlgItemInt
WindowFromPoint
DrawTextW
InternalGetWindowText
DestroyCaret
CharLowerW
GetClipCursor
GetMenu
HideCaret
GetWindowRect
CharUpperBuffW
DestroyMenu
GetScrollPos
DestroyAcceleratorTable
CheckDlgButton
IntersectRect
GetWindowDC
GetKeyNameTextW
GetSubMenu
GetMenuStringA
CreateMenu
BeginDeferWindowPos
ChildWindowFromPointEx
CreatePopupMenu
ShowWindowAsync
GetKeyboardLayout
DrawMenuBar
DragObject
MessageBoxA
GetWindowTextA
DialogBoxIndirectParamW
CreateWindowExW
CharLowerA
GetSysColorBrush
InflateRect
GetParent
InsertMenuA
CharUpperA
LoadStringA
GetSysColor
SendInput
MessageBoxW
CreateIconFromResource
GetAsyncKeyState
LoadImageW
LoadImageA
DefDlgProcW
PostQuitMessage
CheckRadioButton
AttachThreadInput
SetUserObjectInformationW
BeginPaint
FindWindowA
CharUpperW
keybd_event
DispatchMessageA
ShowWindow
GetMessageTime
SetSysColors
DialogBoxParamA
ModifyMenuW
LookupIconIdFromDirectory
IsDialogMessageA
DefDlgProcA
CharPrevA
DefWindowProcA
ReplyMessage
TranslateAcceleratorA
GetCaretPos
ReleaseDC
CloseDesktop
ShowOwnedPopups
MapWindowPoints
SetCaretPos
PostMessageW
CreateDialogIndirectParamW
TrackPopupMenu
SendMessageTimeoutW
wvsprintfW
SetCursorPos

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d104cd139e9986eff8765fdb2c26c021

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

msvcrt

shlwapi

comdlg32

user32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 512B - Virtual size: 168KB

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 3KB

.ips4 Size: 30KB - Virtual size: 29KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 78KB - Virtual size: 78KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 512B - Virtual size: 168KB

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 3KB

.ips4
Size: 30KB - Virtual size: 29KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 78KB - Virtual size: 78KB

.reloc
Size: 2KB - Virtual size: 1KB