45ce9e1caa512c95733cf4291b2a1d8a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

45ce9e1caa512c95733cf4291b2a1d8a_JaffaCakes118
Size

217KB
MD5

45ce9e1caa512c95733cf4291b2a1d8a
SHA1

e88f94a15f3e6acad685df0067f8b2534a8aaa2f
SHA256

0762305e94575852400c043b8a2465162db4b8aa3be28aadf8eaa4b9f9e28412
SHA512

193354f2ffafa7e234ef4a979bcf4f03658e0ed296112e581702af73bd5ee722e1d7d220bb28aba2205086770847f354d11e5b280175ba0027a509e913c26231
SSDEEP

3072:4wsSWCyRbBkQgOzt8j/wm4XY3z2sNIo6oHyFfNRMh6cm7WoQ7FYRqFJfNHu+k+H4:4FJCy/t8b+I3zNz6CyhzMhdm3Q7Lvi+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45ce9e1caa512c95733cf4291b2a1d8a_JaffaCakes118

Files

45ce9e1caa512c95733cf4291b2a1d8a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e0413e95e4f534a0a778bcf5a8c16ae1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\ElpfzsPvbk\Jfgjyhmaka\ueszpzxhIKkR\hwpSdhPtrYsbS.pdb

Imports

comctl32

ImageList_Write
PropertySheetW
ImageList_Create
CreatePropertySheetPageW
ImageList_AddMasked
ImageList_GetImageCount

msvcrt

_controlfp
qsort
atoi
__set_app_type
__p__fmode
strrchr
swscanf
__p__commode
realloc
malloc
_amsg_exit
wcschr
_initterm
_acmdln
exit
vsprintf
mktime
_ismbblead
wcscpy
strtoul
_XcptFilter
remove
strspn
localtime
mbtowc
isdigit
_exit
_cexit
ungetc
__setusermatherr
wcscat
setlocale
__getmainargs
tolower
clearerr
swprintf
iswdigit
wcscoll
getenv
iswprint
toupper
isprint
srand
towupper
wcstod
strstr

gdi32

GetTextAlign
PtInRegion
SetBitmapBits
GetStockObject
SetBitmapDimensionEx
Escape
SetBkMode
RealizePalette
SaveDC
DeleteDC
PolyBezier
AddFontResourceW
GetDIBColorTable
UnrealizeObject
SetPixel
CreateFontA
TranslateCharsetInfo
GetPaletteEntries
DeleteObject
GetNearestPaletteIndex
ExcludeClipRect
ExtFloodFill
LPtoDP
GetBkMode
Rectangle
ExtTextOutA
PathToRegion
CreateDiscardableBitmap
TextOutA
SelectPalette
RectInRegion
ScaleWindowExtEx
StretchDIBits
SetBkColor
CreatePolygonRgn
GetLayout
CreateEllipticRgnIndirect
CreateRoundRectRgn
SetDIBitsToDevice
SetLayout
PtVisible
GetFontData
Ellipse
GetObjectA

user32

InternalGetWindowText
GetScrollPos
GetClassInfoExA
CharPrevW
CreateDialogParamA
LockWindowUpdate
GetWindow
OffsetRect
IsZoomed
TrackPopupMenuEx
GetDlgItemTextW
GetDlgItemTextA
GetWindowLongA
ShowWindowAsync
CopyAcceleratorTableW
LookupIconIdFromDirectory
EnableMenuItem
CharUpperA
MessageBoxExA
CreateCaret
AppendMenuA
GetAsyncKeyState
DialogBoxParamW
MoveWindow
SetTimer
InflateRect
TranslateMessage
LoadCursorA
DrawMenuBar
RegisterClassExA
DispatchMessageW
CheckRadioButton
WindowFromPoint
SetWindowLongW
GetKeyboardLayoutNameW
RemovePropW
FindWindowExA
TranslateAcceleratorW
GetWindowTextW
CreateMenu
SetDlgItemTextW
BeginDeferWindowPos
KillTimer
ValidateRect
SetScrollInfo
EqualRect
SetLastErrorEx
SetUserObjectInformationW
ChildWindowFromPointEx
UpdateWindow
DrawTextA
CharNextA
PostMessageA
GetParent
GetWindowTextA
DefWindowProcW
mouse_event
IsCharUpperA
BeginPaint
ReplyMessage
SetMenuDefaultItem
DrawIcon
EndTask
CallWindowProcW
AllowSetForegroundWindow
SendInput
ClientToScreen
GetClipCursor
GetIconInfo
DestroyCursor
GetDoubleClickTime
SendMessageA
DrawTextW
CascadeWindows
SetPropW
GetClassNameW
GetMenuCheckMarkDimensions
SetRectEmpty
GetCaretPos
SetWindowTextA
DefDlgProcW
GetSystemMenu
SendMessageTimeoutW
CheckMenuItem
CharNextExA
InvalidateRgn
GetUserObjectInformationW
ShowOwnedPopups
EndPaint
OpenIcon
OemToCharBuffA
SwitchToThisWindow
SendDlgItemMessageA
wsprintfW
GetDC
GetKeyboardLayout
IsDialogMessageW
RegisterClassW
GetTopWindow
ScreenToClient
GetSysColorBrush
IsCharLowerA
LoadStringW
CreateDialogParamW
SetSysColors
InSendMessageEx
LoadBitmapW
LoadBitmapA
LoadImageA

kernel32

LocalReAlloc
GetStartupInfoW
HeapReAlloc
GetLocaleInfoW
CancelIo
GetThreadTimes
GetCommProperties
SetThreadAffinityMask
DeviceIoControl
GetWindowsDirectoryA
WriteFile
ReleaseMutex
lstrcmpW
GetModuleHandleW
RaiseException
UnlockFile
SystemTimeToFileTime
CreateDirectoryW
GetTempPathA
GetThreadContext
EnumResourceNamesA
GlobalReAlloc
SetHandleCount
ConvertDefaultLocale
SearchPathA
ResetEvent
LockFile
GetFileAttributesExA
GetFileInformationByHandle
LeaveCriticalSection
GetDateFormatW
SetThreadContext
GetNumberFormatA
lstrcmpiW
EnumResourceTypesA
FindClose
SetMailslotInfo
GetCommConfig
IsBadReadPtr
SetCurrentDirectoryW
IsBadStringPtrW
GetComputerNameExA
GlobalAlloc
GetFileTime
CopyFileA
SetFileTime
lstrlenA
GetCurrentThread
VirtualAlloc
GetWindowsDirectoryW
FindFirstChangeNotificationW

Exports

Exports

?InvalidateAppNameEx@@YGPAEMPAKD~U
?CopyMutant@@YGPAXPANPAH~U
?SetSemaphoreW@@YGPAJM~U
?PutExpressionA@@YGKDDJH~U
?RemoveTimeExA@@YGXPAHGJ~U
?HideDateOriginal@@YGHI~U
?ModifySizeOld@@YGXPAF_N~U
?CopyCharExA@@YGPAFFPAJPAI~U
?PutHeaderEx@@YGPAEPAKMPAN~U
?EnumNameNew@@YGPAGIJ~U
?DecrementConfigExA@@YGIPAFM~U
?GetEventNew@@YGPAEPAIED~U
?InstallHeightA@@YGPADPAHPAM~U
?FreeListItem@@YGFH_N~U
?KillMutexA@@YGXPAKPAN~U
?FolderEx@@YGDPAKJ~U
?CancelFunctionEx@@YGPADPAFKK~U
?RtlAnchorNew@@YGK_NME~U
?HideFunctionEx@@YGMN~U
?ObjectEx@@YGXG~U
?DeleteComponent@@YG_NPA_NPAIPAH~U
?InstallAnchorExW@@YGHPAD~U
?FindDateTimeExA@@YGEI~U
?CancelWindowInfoExA@@YGGDGPADK~U
?SetMutantW@@YGPAMPAE_N~U
?CloseTimerNew@@YGXIPAJ~U
?InvalidateRectW@@YGPAGJMPADK~U
?InsertMessage@@YGEF~U
?KillFunctionOld@@YGIPAHII~U
?AddKeyboardExA@@YGPAJNPAN~U
?DecrementPenW@@YGPAGJJPAMPAG~U
?Directory@@YGXKPAHM~U
?ModifyPointOld@@YGEPAN~U
?RtlListOld@@YGEGJE~U

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0413e95e4f534a0a778bcf5a8c16ae1

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 188KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 512B - Virtual size: 32B

.bdat1 Size: 5KB - Virtual size: 5KB

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 697B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 188KB - Virtual size: 188KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 512B - Virtual size: 32B

.bdat1
Size: 5KB - Virtual size: 5KB

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 697B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB