4b81b5e428a5870b728663512a9d8d41_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b81b5e428a5870b728663512a9d8d41_JaffaCakes118
Size

221KB
MD5

4b81b5e428a5870b728663512a9d8d41
SHA1

4a40e9ef6754a0b937519717fcb0924cb6be5cbf
SHA256

f9022da9a137f605b2ff2dd2521aa5dee11908416233f6f0c98e27985301616a
SHA512

5adb8c061bd10e5be8d95cecb794217b1fc7cffe19307e2735425133fab732ad3cfe7c5e62e621618062612768dedcddfb7e06d5d61ca825f9688eab8f235e9f
SSDEEP

6144:dnSe49mxh1+9bvONTBY5aelNRN+ncs3W2q:NSe4uvivOtBIagNRqZT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b81b5e428a5870b728663512a9d8d41_JaffaCakes118

Files

4b81b5e428a5870b728663512a9d8d41_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0684b5bab2581b9b30c9456c50557aaa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\wIFmpoQqTsj\ibvnSpc\uoUcmxRjvaa.pdb

Imports

gdi32

RestoreDC
SetWindowOrgEx
CreateCompatibleDC
GetTextExtentPoint32A
CreateFontIndirectW
GetMapMode
PathToRegion
GetDIBColorTable
GetSystemPaletteEntries
RealizePalette
OffsetRgn
StretchDIBits
UnrealizeObject
EnumFontsW
StretchBlt
SetViewportExtEx
DeleteObject
GetTextCharsetInfo
GetDIBits
CreateDIBSection
GetLayout
GetCurrentObject
SelectPalette
StartDocW
EnumFontFamiliesW
SetWindowExtEx
GetTextExtentPointA
CreatePen
CreateRectRgn
Polygon
SelectClipRgn
PatBlt
BeginPath
MoveToEx
LPtoDP
CreatePenIndirect
GetTextExtentExPointW
GetTextMetricsA
GetNearestColor
GetNearestPaletteIndex
ExtFloodFill
CreateRectRgnIndirect
DPtoLP
SetBkMode
ExtTextOutA
EndPath
TranslateCharsetInfo

user32

FindWindowExW
InsertMenuA
RegisterClassW
GetMenuItemCount
VkKeyScanW
ValidateRect
GetClassInfoA
SetWindowTextA
GetClipCursor
GetMenuState
SetFocus
DefDlgProcW
PeekMessageW
GrayStringW
CopyAcceleratorTableW
IsCharUpperA
DestroyCursor
HiliteMenuItem
TabbedTextOutW
SetScrollInfo
GetKeyNameTextW
GetMenu
CheckMenuRadioItem
CharNextA
FillRect
ShowWindow
CheckDlgButton
RegisterClassExW
EnumThreadWindows
GetPropW
GetUserObjectInformationA
FindWindowExA
GetDoubleClickTime
SetMenuDefaultItem
ScreenToClient
ChildWindowFromPoint
AppendMenuA
MoveWindow
CreateDialogParamA
SetClassLongW
FindWindowA
GetMessageExtraInfo
IsWindowVisible
MonitorFromPoint
DrawAnimatedRects
RedrawWindow
GetDC
GetDlgItemTextA
CreateAcceleratorTableW
FindWindowW
GetWindowDC
SendMessageA
GetFocus
GetMessageW
AdjustWindowRectEx
TranslateMessage
MessageBoxW
DrawTextW
DestroyMenu
GetKeyState
DialogBoxParamA
GetMessageA
SetCursorPos
LoadStringA
GetDCEx
DeleteMenu
CallWindowProcW
CharUpperBuffW
CharUpperBuffA
WaitMessage
DispatchMessageA
GetSystemMenu
GetWindow
GetWindowTextA
AttachThreadInput
InvertRect
GetKeyboardLayout
EndTask
ChangeMenuW
PostThreadMessageA
UnloadKeyboardLayout
BringWindowToTop
ModifyMenuW
SetMenu
ExitWindowsEx
wsprintfA
EnableMenuItem
ScrollWindowEx
SetCursor
wsprintfW
MapVirtualKeyA
IsDialogMessageW
GetMenuItemRect
PtInRect
InSendMessageEx
PostQuitMessage
ShowScrollBar
GetKeyboardLayoutList
CharPrevA
GetScrollRange
IsZoomed
SendMessageTimeoutA
DispatchMessageW
SetRect
DefWindowProcW
SendDlgItemMessageA
GetDlgItemInt
CloseDesktop
LoadMenuW
SetWindowPos
EqualRect
DrawMenuBar

comdlg32

CommDlgExtendedError
GetSaveFileNameA
ReplaceTextW
GetOpenFileNameA
ChooseColorW
FindTextW

kernel32

GetFullPathNameA
lstrcmpiW
DuplicateHandle
SetLastError
GetVersionExA
OpenFileMappingA
CreateMailslotW
LCMapStringW
FlushFileBuffers
Sleep
LoadLibraryW
CompareFileTime
WideCharToMultiByte
GetSystemDirectoryW
CreateFileW
LoadLibraryA
EnumResourceTypesA
CloseHandle
GetCPInfo
GetTimeFormatW
DeleteFileA
HeapUnlock
GlobalGetAtomNameA
lstrcmpA
CreateFileA
GetTempPathW
ReleaseSemaphore
GlobalSize
GetHandleInformation
ClearCommBreak
CompareStringW
GetCurrentProcess
GlobalDeleteAtom
WriteConsoleInputW
WinExec
LCMapStringA
GetVersion
DeleteAtom
CreateEventA
LockFile
LocalLock
GetSystemTimeAdjustment
GetCurrentProcessId
SetHandleInformation
LocalReAlloc
IsBadReadPtr
GetCommConfig
GetTimeFormatA
VirtualQuery
CreateMutexW
FindNextChangeNotification
TlsFree
GlobalAddAtomW
MoveFileA
MoveFileExA

msvcrt

_controlfp
strtoul
iswspace
wcstol
mktime
getenv
sprintf
strrchr
__set_app_type
__p__fmode
__p__commode
_amsg_exit
mbtowc
isprint
swprintf
_initterm
_acmdln
towupper
perror
strtol
fwrite
wcstod
exit
atoi
bsearch
fputc
_ismbblead
toupper
vsprintf
_XcptFilter
wcscmp
qsort
ungetc
_exit
mbstowcs
_cexit
__setusermatherr
fread
iswxdigit
strcoll
putchar
__getmainargs
isxdigit
clock
wcschr
wcscoll

Exports

Exports

?RtlCommandLine@@YGPAHPAE~U
?CopyPoint@@YGXIPAK~U
?GlobalKeyboardExW@@YGPAJPAMII~U
?CrtAppNameOld@@YGPAJHJH_N~U
?EnumFolderPathOld@@YGPAEPAG~U
?IsValidOptionOriginal@@YGMPAKFPAE~U
?FreeFileExA@@YGI_NPAHH~U
?DecrementHeightNew@@YGDD~U
?GlobalDialogW@@YGPAJPAJ~U
?CloseFileOld@@YGPAXPAFMPAK~U
?OnMessageExW@@YGPAHMPAF~U
?LoadVersionNew@@YGFPANN~U
?FreeFolderPathW@@YGDDPAGNPAE~U
?GetDeviceW@@YGPAFPAK~U
?PutDirectoryOld@@YGPAJNFEF~U
?InstallNameW@@YGXPAKG~U
?ValidateConfigA@@YGNJFPAMPAJ~U
?EnumFolderPathNew@@YGPADMPAJK~U
?GetMonitorA@@YGPAXJIPAKPAK~U
?OnCharOld@@YGJDPADPAHI~U
?SetMemoryOriginal@@YGKPAJMM~U
?SendStateOld@@YGXM~U
?SetComponentNew@@YGJME~U
?ValidateDataOld@@YGPAKD~U
?RemoveTimerEx@@YGHH~U
?CrtCommandLineOld@@YGMD~U
?CopyRectEx@@YGPA_NMM~U
?HidePen@@YGXPAJ~U
?DeleteMediaTypeOld@@YGHPAFPAMJM~U
?FreePathEx@@YGIID~U
?FreeWindowW@@YGPAHPAE~U
?DecrementFullNameEx@@YGDPAHJK~U
?DecrementSizeA@@YGXJ~U
?InvalidateProfileW@@YGFGFG~U

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 615B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0684b5bab2581b9b30c9456c50557aaa

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comdlg32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 5KB - Virtual size: 5KB

.bdat1 Size: 512B - Virtual size: 32B

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 615B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 191KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 5KB - Virtual size: 5KB

.bdat1
Size: 512B - Virtual size: 32B

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 615B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB