4ba07b62cd6e09c198032ca3efc42c97_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4ba07b62cd6e09c198032ca3efc42c97_JaffaCakes118
Size

57KB
MD5

4ba07b62cd6e09c198032ca3efc42c97
SHA1

a45db5e7adeece4bde5670c065361dd3508565a6
SHA256

3cf75da931091fb19ec1bb09d07f9e4ccfcb7f4280124d8028cd88a4ace85543
SHA512

4f8d3799ec5c983b0e662b87a50dbee50721d4e6c77c6a95a6f814892e9f61c5b7a51c84b8898a46dfa7fb4517720205aa6659c6bc2fb70f81cf4534b00d43d3
SSDEEP

1536:IaZcgFe3gusjWo2YhyZuTbU7QfHxsL8AEQ1E:DcgFfTWo2YiMfH651

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ba07b62cd6e09c198032ca3efc42c97_JaffaCakes118

Files

4ba07b62cd6e09c198032ca3efc42c97_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a76152c4b9c02044643606c69f7d3391

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\mdjaGnbx\fmaVQzmfq\clLqHOaOvuts\qYsdcmjxoCu.pdb

Imports

msvcrt

towlower
strspn
iswxdigit
_controlfp
__set_app_type
wcscpy
mbstowcs
__p__fmode
__p__commode
fprintf
gmtime
putchar
strtol
_amsg_exit
perror
rand
strcpy
wcstol
_initterm
wcspbrk
atoi
_ismbblead
getenv
setlocale
wcscspn
vsprintf
wcslen
wcsrchr
exit
strpbrk
fflush
_XcptFilter
setvbuf
ungetc
fread
strtok
malloc
_exit
strncpy
wcsncmp
fgetc
strtoul
_cexit
__setusermatherr
wcsncpy
strstr
__getmainargs

kernel32

InitializeCriticalSection
CreateEventA
GetModuleHandleA
GetOverlappedResult
HeapFree
CreateFileMappingA
AddAtomW
GetFullPathNameW
SetEndOfFile
SizeofResource
SetThreadContext
WinExec
SetUnhandledExceptionFilter
CompareStringW
GetBinaryTypeW
HeapAlloc
ResetEvent
GetSystemDirectoryW
GetCommTimeouts
FindResourceExW
TerminateThread
GetComputerNameExW
SetLastError
GetBinaryTypeA
CreateDirectoryA
DeleteAtom
SetFileApisToOEM
FindCloseChangeNotification
GetThreadTimes
CreateNamedPipeW
SetThreadAffinityMask
FindFirstChangeNotificationW
WaitForSingleObject
OpenFile
GetComputerNameExA
EnumResourceNamesA
FlushFileBuffers
GetFileType
LoadLibraryW
GetVersionExW
SetCurrentDirectoryA
GetProcessHeap
GetTempFileNameA
CreateFileA
EscapeCommFunction
GetFileTime
GlobalLock
FindFirstFileW
UnlockFile
CancelIo
GetShortPathNameA
lstrcmpA
GetTickCount
DeleteCriticalSection
ReadFile
SetupComm
CopyFileA

user32

SetWindowTextW
IsCharAlphaA
SetWindowPos
GetDlgItemTextW
MapVirtualKeyExW
DeleteMenu
EnumWindows
ToUnicodeEx
CreateDialogIndirectParamW
SetWindowLongW
GetWindowLongA
MonitorFromRect
DestroyCursor
ShowWindow
CreateMenu
GetClientRect
CreateDialogParamA
OffsetRect
ArrangeIconicWindows
GetWindowRect
GetMenuStringA
InternalGetWindowText
MessageBoxExA
AppendMenuA
GetUserObjectInformationA
IntersectRect
ActivateKeyboardLayout
SetWindowPlacement
CreatePopupMenu
HideCaret
GetDlgItemTextA
GetNextDlgTabItem
CreateAcceleratorTableW
AdjustWindowRect
CharUpperBuffA
MapWindowPoints
GetActiveWindow
LoadIconA
CascadeWindows
CharUpperA
LoadStringA
GetMenuStringW
LoadBitmapA
GetMessageTime
GetGUIThreadInfo
DrawStateW
SetFocus
RedrawWindow
LookupIconIdFromDirectory
DrawTextW
SetUserObjectInformationW
GetNextDlgGroupItem
ShowScrollBar
TranslateMessage
GetSysColorBrush
CharToOemBuffA
DrawFrameControl
UpdateWindow
LoadMenuW
SendInput
FindWindowExW
GetShellWindow
GetSysColor
EnumChildWindows
CharLowerA
LoadCursorW
PostThreadMessageA
GetWindow
CharUpperW
IsZoomed
GetCaretPos
GetUpdateRect
DestroyCaret
GetForegroundWindow
MapDialogRect
OpenDesktopW
GetMenuItemInfoW
DrawAnimatedRects
IsWindowEnabled
DrawTextA
CopyImage
VkKeyScanW
SetMenu
ShowWindowAsync
SetScrollRange
LoadIconW
CharLowerBuffW
GetCursorPos
LoadBitmapW
MoveWindow
GetWindowTextLengthW
GetClassInfoExW
ChildWindowFromPoint
ClipCursor
DrawMenuBar
SetForegroundWindow
GetWindowTextW
RegisterClassExA
GetWindowPlacement
IsChild
TranslateAcceleratorA
SetMenuItemBitmaps
DialogBoxParamA
MessageBoxExW
InsertMenuA
IsDialogMessageA
GetDlgItemInt
OemToCharA
WindowFromPoint
CharToOemW
SystemParametersInfoA
SetCaretPos
RemovePropW
GetDlgCtrlID
FindWindowExA
SendDlgItemMessageA
wvsprintfA
CharPrevA
IsIconic
EnableMenuItem
SetCursorPos
GetClassLongA
ChildWindowFromPointEx

Exports

Exports

?DialogReactivateIns@@YGK_KHE[D

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a76152c4b9c02044643606c69f7d3391

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 1KB - Virtual size: 1KB