43cf922df5b6edb145d2d7b1db3f59da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43cf922df5b6edb145d2d7b1db3f59da_JaffaCakes118
Size

294KB
MD5

43cf922df5b6edb145d2d7b1db3f59da
SHA1

82e7494b523e9d404e9a48b3012d69fd30b0244c
SHA256

dac81c8efeda0ae6e16724a0ef9294d2156dc90b11ff8697a9ec29ca4bd08323
SHA512

c39ac9905e3774251ff07a436de08d5f049403a23956099461f76c6f0bc36593219384755c04980db0b9fb234d13c7f8e023a9b4a8bca6e6187e7fe8ea2cad2f
SSDEEP

6144:x1sUcbJPYC5XAyGsti4/hozaU48siFzW5ngYq3bmp:x/cSCJYyi4ZoGKsQWGB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43cf922df5b6edb145d2d7b1db3f59da_JaffaCakes118

Files

43cf922df5b6edb145d2d7b1db3f59da_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c67d22b04ec7401dfcb5edca60104ed8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\qBpldxvrptxte\zdxKpjwtqhs\LzoALfueWv.pdb

Imports

msvcrt

fwrite
clearerr
iswprint
_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
swscanf
_initterm
fclose
isspace
atol
_acmdln
wcslen
wcstoul
exit
fflush
time
fseek
calloc
wcstol
toupper
isalpha
clock
floor
free
_ismbblead
mbstowcs
_XcptFilter
wcscmp
_exit
vswprintf
sprintf
wcsstr
setlocale
fread
strncpy
_cexit
puts
__setusermatherr
strchr
strpbrk
__getmainargs
iswspace

user32

DefWindowProcW
GetDCEx
LoadBitmapW
CharUpperW
InflateRect
DeferWindowPos
DrawIconEx
GetPropW
SetWindowLongA
GetUserObjectInformationW
SetDlgItemTextW
IsIconic
IsCharAlphaW
IsWindowUnicode
ChangeMenuW
GetWindowRect
SetScrollPos
UpdateWindow
IsWindowVisible
CreateCursor
DrawFrameControl
InSendMessage
DrawMenuBar
ValidateRect
SetForegroundWindow
DrawTextW
AdjustWindowRect
PtInRect
wvsprintfA
PeekMessageW
GetSystemMetrics
SetMenuItemBitmaps
IntersectRect
GetWindowPlacement
LoadCursorW
CharUpperBuffA
GetDialogBaseUnits
ModifyMenuW
RegisterClassA
MessageBoxExA
CheckDlgButton
GetScrollInfo
SetRect
DestroyWindow
LoadImageA
LoadAcceleratorsW
GetAsyncKeyState
GetTopWindow
GetMessagePos
GetNextDlgGroupItem
SetRectEmpty
CreateAcceleratorTableW
DialogBoxParamA
AttachThreadInput
IsDlgButtonChecked
SetWindowTextW
RegisterClassExA
LoadBitmapA
PeekMessageA
CharToOemW
DefDlgProcW
IsWindow
TabbedTextOutW
SetTimer
WaitForInputIdle
CreateIconFromResource
ActivateKeyboardLayout
CallWindowProcW
GetMenuStringW
PostQuitMessage
MessageBoxW
MessageBoxExW
SetUserObjectInformationW
LoadIconW
ArrangeIconicWindows
SendMessageTimeoutA
CallWindowProcA
FindWindowExW
MapVirtualKeyExW
GetWindowTextW
EnableWindow
InvalidateRect
SetActiveWindow
SetMenuDefaultItem
DestroyCaret
RegisterClassW
SetLastErrorEx
DrawIcon
GetDoubleClickTime
AdjustWindowRectEx
GetKeyboardLayoutNameW
SendDlgItemMessageA
EnableMenuItem
GetMessageExtraInfo
GetScrollPos
GetKeyNameTextW
FrameRect
RedrawWindow
IsMenu
SetWindowTextA
SwapMouseButton
IsCharAlphaNumericW
DefDlgProcA
wvsprintfW
DefWindowProcA
GetMenuItemID
GetClientRect
RegisterClassExW
ToUnicodeEx

comctl32

PropertySheetA
ImageList_GetImageCount
ImageList_GetIconSize
CreateStatusWindowW
PropertySheetW
InitCommonControlsEx

comdlg32

GetOpenFileNameA
ChooseFontW
GetFileTitleW
PrintDlgExW
ChooseColorW

kernel32

lstrcmpA
FindNextChangeNotification
CreateFileA
CopyFileW
SetFileApisToOEM
GlobalDeleteAtom
SetMailslotInfo
CloseHandle
IsBadStringPtrW
TerminateThread
GlobalAlloc
GetCurrentThreadId
lstrlenA
SetWaitableTimer
lstrcpynW
SetEvent
EnumResourceNamesW
TryEnterCriticalSection
GetTimeFormatW
SetThreadPriority
LocalSize
CallNamedPipeW
ConvertDefaultLocale
GetCurrentDirectoryW
GetVersionExW
lstrcmpiW
FreeResource
HeapWalk
VirtualAlloc
CreateWaitableTimerW
SetNamedPipeHandleState
LocalUnlock
GetModuleFileNameW
SetThreadExecutionState
RtlUnwind
QueryPerformanceCounter
GetExitCodeThread
CreateSemaphoreW
GlobalAddAtomA
RemoveDirectoryA
GetWindowsDirectoryA
HeapSize
GetDateFormatW
FlushFileBuffers
GetTickCount
GetCommTimeouts
CreateNamedPipeA
RegisterWaitForSingleObject
HeapValidate
EnumResourceLanguagesA
OpenEventW

gdi32

CreatePatternBrush
SetViewportOrgEx
SetTextColor
SetBkColor
GetClipBox
GetROP2
EndPath
RestoreDC
GetPaletteEntries
OffsetViewportOrgEx
GetTextMetricsA
RemoveFontResourceW
GetObjectA
CreateFontIndirectA
SetBitmapDimensionEx
CreateDIBitmap
GetWindowOrgEx
PatBlt
ScaleWindowExtEx
RoundRect
CreateDCW
SetLayout
FillRgn
CombineRgn
GetTextMetricsW
BeginPath
GetNearestPaletteIndex
CreateICW
SetStretchBltMode
CreateBrushIndirect
SetPaletteEntries
GetViewportOrgEx
TranslateCharsetInfo
SetViewportExtEx
CreateCompatibleBitmap
CreatePolygonRgn
GetSystemPaletteEntries
GetRgnBox
SetBkMode
GetCurrentObject
EndPage
RealizePalette
MoveToEx
RectVisible

Exports

Exports

?KillStateA@@YGEPAI@Z
?ModifyKeyNameOriginal@@YGXEENPAH@Z
?RemovePathExW@@YGJPAMNF@Z
?GlobalProviderEx@@YGKK@Z
?EnumPointerOld@@YGPAFG@Z
?InstallDataW@@YGMI@Z
?CrtFullName@@YGPAGIKPAF@Z
?HideMessageOriginal@@YGFFPAFI@Z
?CrtStateA@@YGKPAJ@Z
?DeleteThreadExW@@YGPAII@Z
?GetListNew@@YGIIIE@Z
?GetProcessNew@@YGPADPAKPAHPANPAD@Z
?CloseTimeA@@YGKGG@Z
?KillKeyboardA@@YGDPAHPAJ@Z
?FindMemoryExW@@YGPAGMENE@Z
?FormatListItem@@YGPAFPAHDI_N@Z
?PutHeaderExA@@YGPAEMPANI@Z
?IncrementScreenA@@YGHDEHM@Z
?SetOptionW@@YGHPAGPAJHK@Z
?FindSectionW@@YGFPANEPAJPAE@Z
?KillFunctionExA@@YGXPAJ@Z
?EnumMediaType@@YGPAKFPAEPAF@Z
?CrtClassEx@@YGEPAHF_NF@Z
?IsNotCharW@@YGENPAMPAI@Z
?EnumFunctionW@@YGPADPAGN@Z
?CrtListW@@YGPAKPA_NPAH@Z
?InsertAppNameNew@@YGPAXI@Z
?CrtTextA@@YGKFJ@Z
?RtlSemaphoreW@@YGXPADKI@Z
?InvalidateRectOld@@YGDIGPAN@Z
?CopyOptionOld@@YGJMIM@Z
?ValidateEventOriginal@@YGHDMGPAJ@Z

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dt_i
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dt_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c67d22b04ec7401dfcb5edca60104ed8

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

comctl32

comdlg32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 58KB

.dt_i Size: 6KB - Virtual size: 6KB

.dt_e Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 79KB - Virtual size: 78KB

.rsrc Size: 131KB - Virtual size: 131KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 59KB - Virtual size: 58KB

.dt_i
Size: 6KB - Virtual size: 6KB

.dt_e
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 131KB - Virtual size: 131KB

.reloc
Size: 2KB - Virtual size: 1KB