44f77efe2eb36f2e1996f8330644e186_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

44f77efe2eb36f2e1996f8330644e186_JaffaCakes118
Size

160KB
MD5

44f77efe2eb36f2e1996f8330644e186
SHA1

12fec84959ca743192deac78e64635b47767e4da
SHA256

5bd8ac1739c76930f0622da92f4422e363f00258b254d031ff788c5bf3352881
SHA512

f31fe30c0a13f370020a79e37ee8dcc3eeb358ac5acd5454d93a426484afa7682c0c1c7fa35901df08caa45d2d51fbd494efbd19db5da1d3d068b86e3d49f399
SSDEEP

3072:h9Hdi7yssk0zoTypc6p8Bx1Fh2QOwlBQfeqLLdn2+T6t5LRIzPTVCvEKHK:fHfssPcTyu6yBedYq/d2kC51IrTUEKHK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44f77efe2eb36f2e1996f8330644e186_JaffaCakes118

Files

44f77efe2eb36f2e1996f8330644e186_JaffaCakes118
.exe windows:5 windows x86 arch:x86

15115dad032fd2cb2c9479dd331d40a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\fLFcekcCbhsJj\lykoovvvWuOc\bbsatcMmVDpafr\DUbdqoziqmc.pdb

Imports

comctl32

ImageList_AddMasked
ImageList_Write
PropertySheetA
ImageList_Destroy
InitCommonControlsEx
ImageList_Remove

kernel32

ReadFile
CreateRemoteThread
GetFileTime
FlushViewOfFile
GetVersion
DeleteCriticalSection
OpenSemaphoreW
GetSystemDirectoryW
HeapCreate
GetSystemTimeAsFileTime
GlobalGetAtomNameA
GetUserDefaultUILanguage
SetWaitableTimer
GetFileAttributesExW
WaitForMultipleObjectsEx
LocalUnlock
GetVersionExA
GetNumberFormatA
SearchPathA
GlobalAddAtomW
SizeofResource
GetStdHandle
CompareStringW
HeapUnlock
ResumeThread
SuspendThread
LocalFree
LoadLibraryA
ReleaseMutex
GetThreadPriority
CreateMutexA
GlobalFree
GetCommConfig
lstrcmpA
GlobalCompact
GetCommandLineA
LoadLibraryW
GetModuleHandleA
GetFileInformationByHandle
HeapWalk
UnhandledExceptionFilter
SetThreadPriority
GetWindowsDirectoryA
FreeResource
LoadLibraryExW
SetCurrentDirectoryA
GetCompressedFileSizeW
CreateEventW
GetTempFileNameA
SetFileAttributesW
GetModuleFileNameW
QueryDosDeviceW
PulseEvent
GetComputerNameW
TransactNamedPipe
FreeLibrary
lstrcpynA

gdi32

RealizePalette
CreateFontA
GetTextExtentPoint32W
GetNearestPaletteIndex
GetTextColor
SetWindowExtEx
CreateBitmap
Escape
SelectObject
StretchBlt
CreateBrushIndirect
ExtTextOutA
GetSystemPaletteEntries
SetTextColor
SetTextAlign
StretchDIBits
UnrealizeObject
PatBlt
GetClipBox
PathToRegion
RemoveFontResourceW
GetBitmapBits
GetRgnBox
FillRgn
SaveDC
GetFontData
GetDIBits
ScaleViewportExtEx
DPtoLP
Polyline
GetTextExtentExPointW
CreatePolygonRgn
SetViewportExtEx
PtInRegion
RoundRect
CreateEllipticRgnIndirect
GetROP2
EndPath
OffsetViewportOrgEx
ExtFloodFill
GetSystemPaletteUse
GetStockObject
SetStretchBltMode
ResizePalette
CreateDiscardableBitmap
CreateFontIndirectA
SetBkMode
CreatePen
MoveToEx
GetCurrentObject
CreatePalette

msvcrt

_controlfp
wcscoll
mbstowcs
wcstod
isalpha
__set_app_type
wcspbrk
wcsrchr
isalnum
isprint
__p__fmode
__p__commode
wcstoul
_amsg_exit
mbtowc
iswdigit
swprintf
clearerr
_initterm
strstr
wcstol
_acmdln
swscanf
exit
_ismbblead
gmtime
malloc
iswalpha
fwrite
wcscmp
iswctype
_XcptFilter
towupper
wcscpy
wcstok
islower
_exit
gets
isspace
floor
_cexit
sprintf
__setusermatherr
__getmainargs
iswprint
puts
fread
strpbrk
wcslen

user32

DispatchMessageA
GetTopWindow
RedrawWindow
GetFocus
GetDCEx
SetWindowPlacement
CharLowerW
AttachThreadInput
SendMessageW
GetClientRect
GetDlgItemTextW
GetIconInfo
CharLowerBuffW
RegisterWindowMessageW
IsIconic
ShowWindowAsync
DialogBoxIndirectParamW
WaitForInputIdle
SetFocus
EndPaint
GetKeyNameTextW
GetWindow
GetForegroundWindow
GetCaretPos
CopyAcceleratorTableW
DrawStateW
MessageBoxExA
SetDlgItemTextA
CharToOemW
EqualRect
CreatePopupMenu
ShowOwnedPopups
RegisterClassExW
GetMenuStringW
OpenDesktopW
GetMenuState
SetActiveWindow
IsWindowEnabled
SendMessageTimeoutW
GetDialogBaseUnits
CharNextA
GetKeyboardLayoutList
PostThreadMessageA
DefDlgProcA
SendInput
RegisterClassExA
GetSystemMetrics
InsertMenuItemW
GetWindowTextLengthW
TileWindows
ExitWindowsEx
SetUserObjectInformationW
CharPrevW
TrackPopupMenu
GetUpdateRgn
GetClassInfoA
mouse_event
IsChild
DestroyAcceleratorTable
LoadImageW
SetForegroundWindow
IsMenu
GetDlgItemTextA
SetCaretPos
DrawIcon
GetScrollInfo
IsZoomed
UnionRect
DefFrameProcA
PostQuitMessage
ClipCursor
SendMessageTimeoutA
DeferWindowPos
SetClassLongW
IsWindowVisible
LoadStringW
BringWindowToTop
OffsetRect
MessageBoxA
SetScrollInfo
GetWindowDC
ToUnicodeEx
DrawFrameControl
VkKeyScanW
GetKeyboardLayoutNameW
GetMenu
FindWindowA
EnumWindows
GetDC
InvertRect
ChildWindowFromPoint
SetScrollRange
GetWindowTextW
GetSysColor
MapWindowPoints
SetPropW
CharNextW
DrawIconEx
SendNotifyMessageW
SetMenu
AllowSetForegroundWindow
MonitorFromPoint
DestroyMenu
GetSubMenu
GetMessageTime
ShowCursor
CreateDialogParamW
CharLowerA
ChangeMenuW
CopyImage
ClientToScreen
DestroyCaret
AdjustWindowRect
wvsprintfA
OpenInputDesktop
GetMonitorInfoW
CloseDesktop
SetTimer

shlwapi

StrChrIA

Exports

Exports

?DeleteOptionA%%DFPAEPANHEPAK~U
?PutStateW%%DFDJ~U
?RemoveModule%%DFDFPAIK~U
?RtlProcessEx%%DFFFPAHGE~U
?RemoveEventEx%%DFGD~U
?GlobalWidthExW%%DFGPAJ~U
?OnConfigOld%%DFPAKMIPAGD~U
?IncrementStringExW%%DFEJ~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?SendMediaTypeExA%%DFPAHPAIF~U
?AddConfigOriginal%%DFNEFPAFPAG~U
?ShowHeight%%DFMPADDM~U
?SetObjectExW%%DFPAJPAN_NPAI~U
?ModifyThread%%DFPAJPAM~U
?RtlHeightExW%%DFPAXKJ~U
?LoadConfig%%DFI_N~U
?InstallSizeExW%%DFMPAG_N~U
?HideFileNew%%DFGPADN~U
?FormatExpressionOriginal%%DFGPA_N~U
?RemoveWindowInfoExA%%DFJM~U
?CrtNameA%%DFGNG~U
?AddCharW%%DFPAKKF~U
?GetDateTimeExW%%DFIPAKPAF~U
?IsNotTimerExA%%DFPAFPAMIPAKH~U
?EnumMemoryW%%DFXM~U
?RemoveStringEx%%DFPAXJG~U
?InvalidateDirectoryA%%DFPAIPA_NM~U
?CrtCommandLineExW%%DFPAHPAJ~U
?CloseMutex%%DFXPAEPAFF~U
?AddWindowA%%DF_NPAHPAGH~U
?FreePointerA%%DFPAHFGD~U
?InstallFilePathW%%DF_NKDE_N~U
?RtlStateEx%%DFHIDNPAN~U
?KillNameOriginal%%DFGJD~U
?IsClass%%DFGDEN~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15115dad032fd2cb2c9479dd331d40a1

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

gdi32

msvcrt

user32

shlwapi

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.ticx Size: 7KB - Virtual size: 7KB

.zdata Size: 512B - Virtual size: 236B

.data Size: 3KB - Virtual size: 74KB

.rsrc Size: 127KB - Virtual size: 127KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.ticx
Size: 7KB - Virtual size: 7KB

.zdata
Size: 512B - Virtual size: 236B

.data
Size: 3KB - Virtual size: 74KB

.rsrc
Size: 127KB - Virtual size: 127KB

.reloc
Size: 1KB - Virtual size: 1KB