49d6abbb3620f364ac632e12ff2d91d5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

49d6abbb3620f364ac632e12ff2d91d5_JaffaCakes118
Size

152KB
MD5

49d6abbb3620f364ac632e12ff2d91d5
SHA1

a1c254aa60cfaacc7ca027a5f014cbb6e4272811
SHA256

98b14dda0a67269ad3737b7b81315bbe77425f10d0c0b181853d43ea35905cad
SHA512

37451926d2478c02b466e54cedf1dabd179242478b8374fbcf6c958e998cf1192209751db148dc16b4e3a4f24cccc437eb9e8b85b343d7a0748334892a2055e9
SSDEEP

3072:amKyjyFA5Wr92wYXr8aItWo21FLnBKDx03FrUQ8iznXUpNe:Jl5WrwwYXr8aIIo2mx0xt8izg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49d6abbb3620f364ac632e12ff2d91d5_JaffaCakes118

Files

49d6abbb3620f364ac632e12ff2d91d5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a961bb6a4de90bcd888c2adcdbeb5fa4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\DliHFvt\dcgjhEWciezZ\lHQlGeDJ\KvloFvH.pdb

Imports

comctl32

ImageList_Create
CreatePropertySheetPageA
ImageList_GetImageCount
CreateToolbarEx
ImageList_Draw
PropertySheetA

user32

SendDlgItemMessageA
GetDlgItemInt
CheckRadioButton
GetMessageA
CharPrevA
TrackPopupMenuEx
GetWindowPlacement
UnionRect
OpenIcon
CharLowerW
InflateRect
LoadImageA
GetDlgItemTextA
MessageBoxExW
EnumChildWindows
ScreenToClient
GetUpdateRgn
GetGUIThreadInfo
CascadeWindows
WindowFromPoint
GetMonitorInfoW
LookupIconIdFromDirectory
SetWindowRgn
PostQuitMessage
PostMessageW
GetSubMenu
GetKeyNameTextW
GetIconInfo
IsCharAlphaA
CallWindowProcA
ShowWindow
MapWindowPoints
IsWindowVisible
EndPaint
ValidateRect
TileWindows
GetClassLongA
GetMenu
GetMenuItemID
DrawIcon
ShowScrollBar
SendInput
MessageBoxExA
MonitorFromPoint
GetDC
GetDCEx
EnableMenuItem
MapVirtualKeyExW
GetWindowTextLengthW
InSendMessage
CheckMenuRadioItem
MonitorFromRect
SetPropW
MessageBoxW
DestroyCursor
IsChild
AllowSetForegroundWindow
SetWindowTextA
VkKeyScanW
GetDoubleClickTime
FindWindowExW
DragObject
CharUpperW
SetScrollPos
CharNextA
FindWindowW
SetFocus
DrawTextA
IsCharLowerA
IsWindowEnabled
SetUserObjectInformationW
DeleteMenu
ReplyMessage
CreateMenu
ShowCursor
GetDlgItemTextW
TabbedTextOutW
GetMessageTime
ToUnicodeEx
LoadBitmapW
SetDlgItemTextW
InvalidateRgn
SetCursorPos
OemToCharA
DefFrameProcW
GetClassLongW
CreateCaret
SetTimer
DrawStateW
CreateWindowExA
GetActiveWindow
SystemParametersInfoW
GetScrollPos
AttachThreadInput
GetPropW
IntersectRect
GetMenuItemCount
GetUserObjectInformationA
LoadBitmapA
PeekMessageA
DrawMenuBar
DrawFocusRect
CreatePopupMenu
GetWindowLongA
PostThreadMessageA
GetScrollRange
ChildWindowFromPoint
CharUpperBuffA
CloseDesktop
GetUserObjectInformationW
FillRect
InsertMenuA
DestroyMenu
SetWindowLongW
GetParent
DialogBoxParamW
CharToOemBuffA
InsertMenuItemW
SetForegroundWindow
TranslateAcceleratorW

kernel32

SetupComm
GetLastError
GetCommConfig
GetProcAddress
GetWindowsDirectoryW
SetHandleCount
SetUnhandledExceptionFilter
GetCommModemStatus
SetLocalTime
SetSystemTimeAdjustment
GlobalFree
ReleaseMutex
ResetEvent
HeapFree
FindResourceA
GetCommandLineW
FoldStringW
HeapWalk
TerminateThread
CancelWaitableTimer
DuplicateHandle
GetProcessHeap
GetCurrentThread
GetCommandLineA
GetSystemTimeAdjustment
AddAtomW
FlushFileBuffers
SystemTimeToFileTime
LoadLibraryExA
SetHandleInformation
SetFilePointer
HeapUnlock
CreateFileMappingA
GetSystemDefaultUILanguage
IsDBCSLeadByteEx
GetCommState
SearchPathW
ReleaseSemaphore
lstrcmpiA
SetThreadPriority
SetCommMask
CallNamedPipeW
MoveFileExW
GetACP
GetLocaleInfoA
GetUserDefaultLangID
GetThreadTimes
CreateSemaphoreA
MoveFileW
HeapAlloc
GetModuleHandleA
SetErrorMode
LocalAlloc
FormatMessageA
CompareFileTime
DeleteFileW
GetFileInformationByHandle

msvcrt

_controlfp
setvbuf
wcstok
wcscmp
clock
wcscat
strrchr
wcsncmp
__set_app_type
strstr
fread
isupper
__p__fmode
islower
strspn
vsprintf
perror
time
__p__commode
_amsg_exit
_initterm
isxdigit
_ismbblead
putchar
wcstod
_XcptFilter
vswprintf
_exit
fputc
system
wcscoll
_cexit
iswprint
strcpy
strtoul
wcstombs
towupper
strncpy
fprintf
__setusermatherr
printf
__getmainargs
towlower
wcsrchr
fclose
isprint
iswspace

Exports

Exports

?DialogReactivateIns@@YGK_KHE[D

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a961bb6a4de90bcd888c2adcdbeb5fa4

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 56KB

.data Size: 15KB - Virtual size: 91KB

.rsrc Size: 78KB - Virtual size: 77KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 57KB - Virtual size: 56KB

.data
Size: 15KB - Virtual size: 91KB

.rsrc
Size: 78KB - Virtual size: 77KB

.reloc
Size: 1KB - Virtual size: 1KB