48d894f466780fb8f9c38f34ad431083_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

48d894f466780fb8f9c38f34ad431083_JaffaCakes118
Size

747KB
MD5

48d894f466780fb8f9c38f34ad431083
SHA1

70fa4172db8a4f4652a87b806aca26885d77f380
SHA256

0c5916e5036c00dc63d7fa7cd5fc013323c75765aae1d718c2c4c83878d6fb95
SHA512

4303bfec2eb3fa7fa4d7c6b9f3b6f89aa4ba745b71f2b19eb42aff5be23cc02beddf5ddd58a895817b58c8ff8c4ca3eac905adee3be9e3359765734468945dee
SSDEEP

12288:C5BTSj9YZQ+ce+ia1XCc6wiSo9ED0zm0xi+np8hZxW5QM6wGEdxlJbX:+OZYG+z/Fbwirq0xi+p80D/bX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48d894f466780fb8f9c38f34ad431083_JaffaCakes118

Files

48d894f466780fb8f9c38f34ad431083_JaffaCakes118
.dll windows:5 windows x86 arch:x86

c116cf6e050cfa2cc29e6ce1def3c3b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Q:\nmaspey\figCJlsDQ\lzfrdgiZzk\OmxvaUqmmkq.pdb

Imports

user32

SetDlgItemInt
GetKeyboardLayout
ClientToScreen
GetKeyNameTextW
EndPaint
AttachThreadInput
BeginPaint
GetParent
wsprintfA
GetClassLongW
DrawTextA
wvsprintfA
SetTimer
CharNextW
EnumThreadWindows
ShowWindowAsync
OemToCharA
FillRect
keybd_event
InvalidateRect
ShowScrollBar
LookupIconIdFromDirectory
GetScrollInfo
ArrangeIconicWindows
KillTimer
GetNextDlgGroupItem
GetCursorPos
wvsprintfW
MessageBoxA
AdjustWindowRectEx
TileWindows
AllowSetForegroundWindow
GetWindowTextW
AppendMenuW
ShowWindow
DrawStateA
BringWindowToTop
RegisterWindowMessageA
SystemParametersInfoA
UnloadKeyboardLayout
OemToCharBuffA
GetMessageTime
DrawIconEx
SetFocus
PostThreadMessageA
DestroyAcceleratorTable
CreateDialogParamA
SetWindowPlacement
GetUpdateRect
RegisterClassA
DefDlgProcA
DestroyIcon
CascadeWindows
DrawStateW
SetMenuDefaultItem
GetMenuItemID
GetScrollRange
OpenDesktopW
GetMenuStringA
EnumChildWindows
DrawFrameControl
GetUserObjectInformationW
GetWindowLongW
LoadCursorA
ChildWindowFromPoint
RegisterHotKey
GetClassNameW
GetPropW
FindWindowExW
SetScrollRange
LoadStringW
InternalGetWindowText
CharUpperBuffA
LoadAcceleratorsA
SetRect
SendMessageTimeoutA
GetSubMenu
LoadCursorW
IsRectEmpty
ChangeMenuW
GetSysColorBrush
ScrollWindowEx
MapWindowPoints
GetWindowLongA
IsCharLowerA
GetDCEx
LoadMenuW
MoveWindow
IsWindowEnabled
DrawIcon
ShowOwnedPopups
LockWindowUpdate
GetLastActivePopup
GetCaretBlinkTime
DispatchMessageA
SetClassLongW
CreateDialogIndirectParamW
SetPropW
CopyAcceleratorTableW
IsDialogMessageA
GetKeyboardLayoutList
RemovePropW
SetDlgItemTextA
MapVirtualKeyA
ScrollWindow
CallWindowProcA
GetMonitorInfoW
GetUpdateRgn
RedrawWindow
FindWindowA
CreateWindowExA
TranslateMessage
FindWindowW
CopyRect
IsWindowVisible
CharToOemBuffA
GetDlgItemTextW
CreateAcceleratorTableW
GetMenuItemInfoW
GetAltTabInfoA
CheckMenuRadioItem
GetUserObjectInformationA
CreateIconIndirect
DialogBoxParamW

shlwapi

StrToIntA

msvcrt

_controlfp
isxdigit
__set_app_type
wcscmp
isalnum
__p__fmode
gets
localtime
fgetc
realloc
__p__commode
strerror
wcsstr
_amsg_exit
clearerr
isupper
time
strpbrk
strtok
ungetc
_initterm
fputs
wcsrchr
ftell
bsearch
iswalpha
_ismbblead
calloc
strspn
memset
wcstod
srand
_XcptFilter
fclose
strchr
iswspace
rand
towlower
puts
system
floor
_exit
_cexit
iswctype
wcscat
putc
__setusermatherr
__getmainargs

kernel32

FindClose
LocalSize
SetLastError
SetThreadLocale
HeapReAlloc
GetFullPathNameA
CreateEventA
VirtualQuery
HeapAlloc
SetPriorityClass
DuplicateHandle
FindResourceA
GlobalCompact
AddAtomA
SetSystemTimeAdjustment
GetNumberFormatA
GetCompressedFileSizeW
FoldStringW
PulseEvent
CreateFileMappingA
CreateFileA
HeapFree
CreateEventW
GetProcAddress
RemoveDirectoryA
IsDBCSLeadByteEx
FormatMessageA
LoadResource
GlobalFindAtomW
GetProcessHeap
GetSystemTimeAdjustment
OpenSemaphoreW
ClearCommError
FlushFileBuffers
DeleteFileW
GetComputerNameA
GetFileInformationByHandle
GetLocalTime
HeapWalk
RaiseException
SetUnhandledExceptionFilter
GetTempPathW
GetModuleFileNameA
TryEnterCriticalSection
lstrcpynW
lstrcpyA
GetSystemDirectoryW
ReleaseMutex
SetWaitableTimer
SetEvent
LocalLock
GetStartupInfoA
GetCommTimeouts
AddAtomW
FindFirstFileA
GetCommState
lstrlenW
IsBadReadPtr
GetTempPathA

Exports

Exports

showtit[D
?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 715KB - Virtual size: 715KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c116cf6e050cfa2cc29e6ce1def3c3b5

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 1.3MB

.rsrc Size: 715KB - Virtual size: 715KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 1.3MB

.rsrc
Size: 715KB - Virtual size: 715KB

.reloc
Size: 1KB - Virtual size: 1KB