4585860661a2e9c939591bf0075cf3b3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4585860661a2e9c939591bf0075cf3b3_JaffaCakes118
Size

76KB
MD5

4585860661a2e9c939591bf0075cf3b3
SHA1

df087ab6b9c5b3a2a7b7a7e5079b677e723080c2
SHA256

8b125efc96c4fdbf9443be3b4c980ad7c3424eda29b0315a1c7adf66ba456a8b
SHA512

259ce56adccb52113e00d26c44b6310615084893bf0594005c7c7b2b4b1d42a780494c9395364aac98c25247855edfd9f6a67e012a541414af18465e29d521ba
SSDEEP

1536:fSThkdmziorVhMCMW/xgFZsIx0/YGx9KuoXnVRgu:fSTh/8b6S/sIlgKblSu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4585860661a2e9c939591bf0075cf3b3_JaffaCakes118

Files

4585860661a2e9c939591bf0075cf3b3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a7d2df82879ae43a51f30e2cf751a958

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\baRtoozjjns\tDSFTvnzznu\seqnwtftxottxe\RutezdEcuc.pdb

Imports

user32

DestroyIcon
SetDlgItemInt
SetDlgItemTextW
GetScrollRange
WaitMessage
CreateWindowExW
FindWindowExW
ShowScrollBar
SetWindowTextA
GetMessageW
HiliteMenuItem
VkKeyScanW
GetDlgItemTextW
IsWindow
ToUnicodeEx
GetClipCursor
SendMessageA
GetWindowRect
GetMenuItemInfoW
LoadIconW
GetClassLongA
SetCursor
CreateAcceleratorTableW
GetForegroundWindow
PostQuitMessage
wsprintfW
DrawFocusRect
GetMonitorInfoW
GetKeyboardLayoutList
LoadAcceleratorsA
GetUpdateRect
SystemParametersInfoW
DrawTextA
DeferWindowPos
SetRect
ValidateRect
GetSubMenu
FindWindowW
SetSysColors
IsCharAlphaW
EnableMenuItem
MessageBoxW
AttachThreadInput
OpenIcon
EndDialog
DestroyCursor
DestroyAcceleratorTable
ModifyMenuW
LoadBitmapA
GetWindowTextW
SendDlgItemMessageA
SetWindowLongA
DispatchMessageA
LoadStringA
EnableWindow
TranslateMessage
IsCharUpperA
SetPropW
MapWindowPoints
SetActiveWindow
GetUserObjectInformationW
ScrollWindowEx
GetSystemMetrics
DrawMenuBar
GetShellWindow
GetDlgItemInt
GetMessageTime
SetDlgItemTextA
RegisterHotKey
GetDialogBaseUnits
GetClientRect
MoveWindow
mouse_event
CharNextExA
DrawTextW
GetKeyState
OpenDesktopW
DrawStateA
BeginDeferWindowPos
GetLastActivePopup
CharUpperBuffW
DrawIconEx
SendMessageTimeoutW
ClipCursor
CascadeWindows
SetCaretPos
OemToCharBuffA
SetWindowLongW
WindowFromPoint
ScreenToClient
TranslateAcceleratorW
SetFocus
DispatchMessageW
FrameRect
InflateRect
ActivateKeyboardLayout
InvalidateRect
SetMenu
FillRect
LoadAcceleratorsW
RegisterClassA
SendDlgItemMessageW
SetCursorPos
ShowWindowAsync
ReplyMessage
IntersectRect
GetNextDlgGroupItem
GetDC
GetKeyNameTextW
LoadCursorA
InSendMessage
CopyImage
RegisterWindowMessageW
MessageBoxExW
SetMenuItemBitmaps
IsCharLowerA
CallWindowProcW
WaitForInputIdle
GetDoubleClickTime
CreateCursor

shlwapi

StrToIntW

kernel32

GetFullPathNameA
WaitCommEvent
GetCommConfig
GetSystemDefaultUILanguage
lstrcpyA
TlsFree
LoadLibraryA
GetPriorityClass
GetThreadPriority
CreateEventA
CreateNamedPipeW
GetShortPathNameA
EnumResourceNamesA
MulDiv
SetSystemTimeAdjustment
LoadLibraryExA
lstrcatA
FreeResource
GetCurrentDirectoryW
SetHandleInformation
HeapFree
LocalLock
AddAtomA
lstrlenW
AddAtomW
lstrcpyW
GetCompressedFileSizeW
TerminateThread
lstrcmpiA
lstrlenA
CancelIo
CreateFileMappingW
FileTimeToDosDateTime
SetPriorityClass
FileTimeToLocalFileTime
GetComputerNameExA
GetUserDefaultLCID
lstrcpynA
GetSystemDirectoryW
WriteFile
GetNumberFormatA
FindResourceA
GetWindowsDirectoryW
GetFileType
SetFileAttributesA
LocalUnlock
RegisterWaitForSingleObject
GetLastError
GetSystemTimeAsFileTime
GetComputerNameExW
GlobalCompact
GetLongPathNameW
GetModuleFileNameA
GetTempFileNameA
CloseHandle
CreatePipe

msvcrt

toupper
gets
wcsncmp
iswdigit
setlocale
strcspn
fputs
exit
_controlfp
getenv
isalpha
iswspace
__set_app_type
fgets
atoi
wcscpy
__p__fmode
mbtowc
__p__commode
_amsg_exit
wcscmp
_initterm
fgetc
_ismbblead
towlower
strstr
clearerr
strspn
swscanf
isdigit
_XcptFilter
_exit
gmtime
_cexit
strncpy
wcstoul
time
fread
fwrite
strtoul
wcscspn
wcslen
__setusermatherr
mktime
wcscat
isalnum
__getmainargs

Exports

Exports

?GetShiftAltInfo@@YGK_KHE:O

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bit
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.insec
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inmin
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 1024B - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7d2df82879ae43a51f30e2cf751a958

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.bit Size: 1KB - Virtual size: 1KB

.insec Size: 6KB - Virtual size: 5KB

.inmin Size: 512B - Virtual size: 86B

.wall Size: 1024B - Virtual size: 38KB

.zdata Size: 12KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 42KB - Virtual size: 42KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.bit
Size: 1KB - Virtual size: 1KB

.insec
Size: 6KB - Virtual size: 5KB

.inmin
Size: 512B - Virtual size: 86B

.wall
Size: 1024B - Virtual size: 38KB

.zdata
Size: 12KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 42KB - Virtual size: 42KB

.reloc
Size: 1KB - Virtual size: 1KB