42f8f420dfb011124bff2ca0932baef8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42f8f420dfb011124bff2ca0932baef8_JaffaCakes118
Size

206KB
MD5

42f8f420dfb011124bff2ca0932baef8
SHA1

e75718451eaa8a35d88689225b6388b550a57a70
SHA256

9a98b3214c33fb3014fa96382d0fecb5c391a44da317cae30f447af99606af46
SHA512

dfb69c67f8418df6c1d6696d36eb7906feb83096c14ceb9524689e172d20eed4798b88c730ff74c98b8934e5c1be26957dee33f83935d2b788c2e0b92af0d3f9
SSDEEP

3072:3pIVoiJGNfQMxxn0nh1rbfCZSR5MYWnIvZviXNPjjI+sopSX5OYR4WmWTJeZG:PiNQODv5Pes5yxjjQJ1R4WmW1eM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42f8f420dfb011124bff2ca0932baef8_JaffaCakes118

Files

42f8f420dfb011124bff2ca0932baef8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6621b835561a627389e22b3a321633d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\xXmcfvgzt\EFJbjgah\jwlbdhpabwe.pdb

Imports

user32

RegisterClassW
GetScrollPos
LoadBitmapA
ClipCursor
SetMenuDefaultItem
SetSysColors
IsWindowVisible
GetWindow
IsWindowEnabled
OpenIcon
LoadCursorA
TranslateAcceleratorW
CreatePopupMenu
CharUpperA
IsWindowUnicode
GetMessageExtraInfo
CloseDesktop
OpenInputDesktop
SystemParametersInfoA
SetMenuItemInfoW
ReleaseDC
InvalidateRect
SwitchToThisWindow
KillTimer
keybd_event
CheckRadioButton
IsRectEmpty
IsCharAlphaNumericW
DrawMenuBar
TabbedTextOutW
GetDCEx
SetWindowRgn
DestroyAcceleratorTable
SetPropW
PtInRect
SetUserObjectInformationW
PeekMessageA
CharToOemW
InflateRect
DrawIcon
DrawFrameControl
GetNextDlgGroupItem
SendInput
DefFrameProcA
DefWindowProcA
DialogBoxParamA
RegisterClassA
CopyAcceleratorTableW
GetSystemMenu
DrawStateW
FindWindowA
CreateWindowExA
EnableWindow
CharUpperW
RegisterHotKey
AdjustWindowRectEx
MessageBoxW
MessageBoxExA
GetTopWindow
SetMenu
FindWindowExA
LoadMenuA
MessageBoxA
EqualRect
ToUnicodeEx
GetWindowTextLengthW
TileWindows
GetClipCursor
MapDialogRect
LoadStringA
HiliteMenuItem
GetMenuItemCount
LookupIconIdFromDirectory
IntersectRect
GetDoubleClickTime
GetKeyboardType
GetAsyncKeyState
CharLowerBuffW
DialogBoxParamW
CharLowerW
ChangeMenuW
LockWindowUpdate
IsWindow
MapVirtualKeyExW
SetRectEmpty
GetClassLongA
MapWindowPoints
TranslateAcceleratorA
CheckMenuRadioItem
SetScrollInfo
AllowSetForegroundWindow
DispatchMessageA
CharNextW
FrameRect
OffsetRect
InvalidateRgn
SetForegroundWindow
SetActiveWindow
IsChild
UnloadKeyboardLayout
IsIconic
GetMenuStringA
LoadMenuW
RegisterWindowMessageW
SetCursor
GetMessageW
GetForegroundWindow
CreateDialogParamW
GetClassLongW

kernel32

RemoveDirectoryW
LeaveCriticalSection
SetFileAttributesW
VirtualQuery
HeapCreate
SetCurrentDirectoryA
OpenEventA
lstrlenA
GetThreadLocale
UnhandledExceptionFilter
VirtualFree
GetComputerNameA
CreateEventW
CancelIo
UnmapViewOfFile
Sleep
GetLastError
GetProcAddress
FreeLibrary
GetDateFormatA
GetTimeFormatA
VerifyVersionInfoW
GlobalReAlloc
CreateMailslotW
SetCommTimeouts
GetSystemTime
GetSystemDirectoryW
IsBadReadPtr
HeapAlloc
EnumResourceTypesA
LoadLibraryExA
CompareStringA
SetErrorMode
CreateRemoteThread
GlobalFlags
WaitForSingleObject
GetNumberFormatW
WideCharToMultiByte
GetSystemDefaultUILanguage
GetWindowsDirectoryW
AddAtomA
ClearCommError
lstrcmpiA
SetThreadContext
CreateWaitableTimerA
lstrcmpiW
CreateFileW
SizeofResource
LoadLibraryW
GetACP
LockFile

comdlg32

ChooseFontW
PrintDlgW
GetOpenFileNameW
FindTextW

msvcrt

_controlfp
__set_app_type
__p__fmode
fgetc
__p__commode
mbstowcs
_amsg_exit
fseek
_initterm
wcstok
isalnum
time
wcscat
strcpy
strcoll
wcstombs
clearerr
strcspn
strchr
swscanf
_ismbblead
qsort
towlower
malloc
system
wcspbrk
vswprintf
_XcptFilter
vsprintf
fputc
localtime
fflush
wcschr
_exit
calloc
setvbuf
isprint
ungetc
wcstoul
_cexit
bsearch
__setusermatherr
__getmainargs
putchar

comctl32

InitCommonControlsEx
ImageList_LoadImageW
CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_GetIcon

gdi32

EnumFontFamiliesExW
SetDIBColorTable
ExtTextOutW
CreateICW
CombineRgn
DeleteDC
GetDeviceCaps
GetBitmapBits
SaveDC
BeginPath
GetTextExtentPoint32A
CreatePolygonRgn
CreateDIBitmap
DeleteObject
GetPixel
CreateBrushIndirect
GetTextMetricsA
CreateBitmap
SetBitmapDimensionEx
CreateFontIndirectA
SelectPalette
RoundRect
CreateSolidBrush
GetCurrentObject
CreateRectRgn
SetAbortProc
SelectClipRgn
CreateFontW
EnumFontsW
GetFontData
MoveToEx
GetPaletteEntries
TextOutW
SetBitmapBits
PatBlt
OffsetViewportOrgEx
FillRgn
CreateEllipticRgnIndirect
GetTextExtentPointW
ResizePalette
SetBrushOrgEx
OffsetRgn
TextOutA
RealizePalette

shlwapi

PathFindExtensionA

Exports

Exports

?GenerateState@@YGPAJPAFHMPAF<V

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6621b835561a627389e22b3a321633d8

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comdlg32

msvcrt

comctl32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.data Size: 134KB - Virtual size: 199KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 67KB

.data
Size: 134KB - Virtual size: 199KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB