448d4d86715918b3ff1174b586017ba5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

448d4d86715918b3ff1174b586017ba5_JaffaCakes118
Size

43KB
MD5

448d4d86715918b3ff1174b586017ba5
SHA1

28db4f3d5a59f1d9ffdb5de15df9dc4ce851c01e
SHA256

0f3c61026a095fb8cec94a950e5be289a44c89ed46ca428d8b38509b0aca6e13
SHA512

39e5a664547088fa20dfee2df7e660e7e680d58479121a292ce206a7727d10605b1c3156e3163fd62ecbd2919e1eada301f29f7122b14c2ea3f50681662e7f58
SSDEEP

768:4aqHXxbYEAAUNNksHsXxDx+OqHywRoVjBMcUabeFhexlx4/:4a+xbY/AUN64sXxDx+OqHBMRbWIxc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
448d4d86715918b3ff1174b586017ba5_JaffaCakes118

Files

448d4d86715918b3ff1174b586017ba5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

99c85dae399e2adcede32f494e8b96ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\gkiZqtsxvrdhT\veliilaft\MuKrgrhehtzzA.pdb

Imports

user32

SetDlgItemTextA
InsertMenuItemW
CreatePopupMenu
GetNextDlgTabItem
GetMenuStringW
EnumWindows
SetLastErrorEx
InSendMessageEx
MonitorFromPoint
GetClassInfoExA
SetWindowRgn
DialogBoxParamW
GrayStringW
HiliteMenuItem
DispatchMessageA
GetSysColorBrush
MessageBoxExW
OemToCharBuffA
ShowWindow
LoadMenuA
wsprintfW
SetTimer
SendMessageA
DrawMenuBar
GetDlgItemTextW
SetDlgItemTextW
LoadCursorA
GetDlgItem
ActivateKeyboardLayout
IsCharAlphaW
CreateDialogIndirectParamW
DefFrameProcA
LoadCursorW
SendDlgItemMessageA
SetRect
CheckMenuRadioItem
SetDlgItemInt
SendDlgItemMessageW
CharLowerW
DrawIcon
GetKeyboardLayout
LoadMenuW
SendMessageTimeoutW
OpenDesktopW
IsMenu
IntersectRect
MapDialogRect
BeginPaint
SetWindowPos
DrawAnimatedRects
GetWindowTextW
IsWindowUnicode
SetScrollInfo
CreateIconIndirect
RegisterClassExW
CharNextExA
CheckMenuItem
InternalGetWindowText
GetCursorPos
CreateDialogParamW
CheckDlgButton
GetUpdateRect
InvalidateRgn
SetMenuItemInfoW
UpdateWindow
CreateAcceleratorTableW
AdjustWindowRectEx
ReplyMessage
UnionRect
CallWindowProcW
RegisterWindowMessageA
GetScrollPos
GetClientRect
IsChild
SetWindowPlacement
RegisterClassExA
AdjustWindowRect
CopyImage
IsCharAlphaA
CharUpperW
GetClassInfoW
SendNotifyMessageW
CharUpperA
ReleaseDC

msvcrt

strerror
_controlfp
mktime
isalnum
strstr
__set_app_type
wcscmp
perror
fgets
iswxdigit
__p__fmode
fprintf
swscanf
qsort
isprint
__p__commode
_amsg_exit
ftell
iswalpha
iswspace
atoi
printf
_initterm
srand
malloc
_ismbblead
sprintf
_XcptFilter
exit
_exit
memset
_cexit
wcscat
tolower
__setusermatherr
__getmainargs
fseek

shlwapi

UrlGetLocationA

comdlg32

PrintDlgExW
GetSaveFileNameA
PrintDlgW

kernel32

EnumResourceLanguagesA
GetFileType
FindResourceA
GlobalHandle
WinExec
SetHandleCount
GetModuleHandleW
FindResourceExW
ConvertDefaultLocale
DeleteFileA
ClearCommError
SetFileTime
GetFileSize
GetWindowsDirectoryW
GetModuleFileNameA
ConnectNamedPipe
GetSystemDirectoryW
EnumResourceTypesA
SetCurrentDirectoryW
GetBinaryTypeW
GetUserDefaultLCID
GetModuleHandleA
LeaveCriticalSection
TransactNamedPipe
TlsFree
LCMapStringW
lstrcpynA
FindFirstFileW
CreateFileA
CreateRemoteThread
CompareStringW
HeapFree
GetLocaleInfoW
GetCompressedFileSizeW
RaiseException
lstrcpyW
SearchPathA

comctl32

InitCommonControlsEx
ImageList_Create
PropertySheetA
ImageList_GetImageCount
ImageList_Write
CreatePropertySheetPageW

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ainit
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdbg
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.run
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99c85dae399e2adcede32f494e8b96ec

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

shlwapi

comdlg32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.eplan Size: 512B - Virtual size: 91B

.ainit Size: 1024B - Virtual size: 864B

.rdbg Size: 512B - Virtual size: 97B

.data Size: 2KB - Virtual size: 1KB

.iplan Size: 4KB - Virtual size: 4KB

.run Size: 1024B - Virtual size: 580B

.0dat Size: 6KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.eplan
Size: 512B - Virtual size: 91B

.ainit
Size: 1024B - Virtual size: 864B

.rdbg
Size: 512B - Virtual size: 97B

.data
Size: 2KB - Virtual size: 1KB

.iplan
Size: 4KB - Virtual size: 4KB

.run
Size: 1024B - Virtual size: 580B

.0dat
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB