47a5970045bb87fecfdf4848cb674a1a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

47a5970045bb87fecfdf4848cb674a1a_JaffaCakes118
Size

42KB
MD5

47a5970045bb87fecfdf4848cb674a1a
SHA1

634cddd431cee652fa2c2544064edefc6aca3a4f
SHA256

12e0caae0a147c9a3d0323242d84c8b69365755f6814e48bc9d9f9fc7e0b1af5
SHA512

dbc2c0a9e7715dbbe4311ecf17f590de3549a35c0bdea9e4a6b652115ea209530281210a2f8feb9e8a6632a601428ba36443c2dfd46f50843ce1a3339541af52
SSDEEP

768:J2eAk+Boqi5dzKvUVmdtN2RBovhmTuDtJrRtIV+9XwLO8i/iN4fJ:qBhi5dzK3ZhmyDfVwS8+vR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47a5970045bb87fecfdf4848cb674a1a_JaffaCakes118

Files

47a5970045bb87fecfdf4848cb674a1a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7650d6e0ffc9d51a36857db056f18a75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\jpImDUZj\eqmfivnvYEl\vulevEwrevrnl.pdb

Imports

msvcrt

wcstok
qsort
isxdigit
wcscoll
free
_controlfp
fread
fflush
system
fgetc
iswprint
time
__set_app_type
__p__fmode
bsearch
mbtowc
atol
strtok
wcsncmp
__p__commode
_amsg_exit
puts
mbstowcs
fwrite
wcsrchr
mktime
fprintf
wcsncpy
iswdigit
_initterm
strpbrk
fseek
_ismbblead
isalnum
_XcptFilter
gmtime
wcscpy
towupper
_exit
strcpy
strcspn
strncpy
strerror
perror
_cexit
__setusermatherr
__getmainargs

user32

wsprintfW
CreateDialogParamW
GetClassInfoExW
DrawEdge
CharNextA
SetWindowLongW
ArrangeIconicWindows
PostThreadMessageW
OpenInputDesktop
FillRect
DispatchMessageW
FindWindowW
GetPropW
ShowOwnedPopups
DialogBoxIndirectParamA
IsMenu
GetKeyboardType
GetMenuItemInfoW
MapVirtualKeyA
CallWindowProcW
CharLowerW
CreateWindowExA
BringWindowToTop
GetMenu
WaitMessage
IsCharAlphaW
OemToCharBuffA
ScrollWindowEx
GetDlgItem
DefWindowProcA
SendMessageW
IsDlgButtonChecked
DrawStateA
FrameRect
LoadImageA
GetNextDlgGroupItem
CheckRadioButton
GetWindowTextW
SendInput
CreateMenu
InSendMessageEx
EqualRect
IsCharAlphaA
GetDlgItemTextA
DrawStateW
MessageBoxExA
GetClassInfoW
ClipCursor
GetFocus
GetClassNameW
CharUpperBuffA
AppendMenuW
CreateDialogIndirectParamW
PostMessageW
OemToCharA
DestroyWindow
SetCursorPos
GetLastActivePopup
GetActiveWindow
MessageBoxA
ModifyMenuW
GetMenuCheckMarkDimensions
PeekMessageA
VkKeyScanW
GetClientRect
DestroyCaret
DeferWindowPos
DestroyAcceleratorTable
EnableWindow
SetFocus
GetTopWindow
GetMessageW
EnableScrollBar
AdjustWindowRect
InSendMessage
CharNextExA
HiliteMenuItem
GetMenuItemCount
CharUpperBuffW
GetScrollInfo
CharToOemW
CreateIconIndirect
SetScrollPos
SetScrollRange
IsWindowVisible
GetWindowPlacement
TrackPopupMenuEx
IsDialogMessageW
LoadImageW
ToUnicodeEx
LoadIconA
EnableMenuItem
GetWindowLongA
ClientToScreen
RegisterHotKey
SendDlgItemMessageA
OffsetRect
BeginPaint
CreateCursor
MonitorFromRect
DrawAnimatedRects
GetUpdateRect
wsprintfA
SendMessageA
GetParent
SetMenuItemInfoW
DialogBoxIndirectParamW
AttachThreadInput
PostQuitMessage
RegisterClassW
CharPrevA
GetMessageExtraInfo
GetSysColor
ValidateRect
GetMenuItemID
IsZoomed
DestroyCursor
SetRectEmpty
GetDCEx
DrawIconEx
LoadAcceleratorsW
GetDialogBaseUnits
InternalGetWindowText
SetWindowTextW

comdlg32

GetSaveFileNameA
PrintDlgExW
GetSaveFileNameW
PageSetupDlgW

kernel32

GetDateFormatA
GetCurrentDirectoryW
GlobalReAlloc
DeleteCriticalSection
GetCurrentThread
CreateWaitableTimerA
lstrlenW
GetModuleFileNameA
GetSystemTimeAsFileTime
CreateDirectoryW
GetSystemDirectoryW
SetLastError
ReleaseMutex
GetVersionExA
GetComputerNameExW
WaitForMultipleObjectsEx
SetErrorMode
GlobalAddAtomW
SetEvent
EnumResourceTypesA
GetFileTime
VirtualAlloc
GetTempPathW
GetCurrentThreadId
TlsFree
SearchPathW
UnlockFile
GetBinaryTypeA
SetSystemTimeAdjustment
EnumSystemLocalesA
SetFileTime
OpenFile
IsBadReadPtr
SetFileAttributesA
lstrcpynW
GetSystemDirectoryA
GetTempPathA
VirtualFree
EnterCriticalSection
CancelWaitableTimer
DisconnectNamedPipe
GetSystemDefaultLangID
SetCurrentDirectoryA
QueryPerformanceCounter
CreateSemaphoreA
GetSystemWindowsDirectoryW
SetThreadPriority
GetModuleHandleA
CompareStringW
IsValidLanguageGroup
EscapeCommFunction
MoveFileW
MoveFileA
CreateWaitableTimerW
GlobalAlloc
SetThreadContext
lstrcmpA
WaitForMultipleObjects
GetTickCount

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.e_tab
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.redit
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_tab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.site
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7650d6e0ffc9d51a36857db056f18a75

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.e_tab Size: 512B - Virtual size: 125B

.redit Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.i_tab Size: 6KB - Virtual size: 5KB

.site Size: 512B - Virtual size: 304B

.wdata Size: 512B - Virtual size: 192B

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 22KB - Virtual size: 22KB

.e_tab
Size: 512B - Virtual size: 125B

.redit
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.i_tab
Size: 6KB - Virtual size: 5KB

.site
Size: 512B - Virtual size: 304B

.wdata
Size: 512B - Virtual size: 192B

.rsrc
Size: 8KB - Virtual size: 7KB