4ae32c4d3602ae0302a3d7808a9b3849_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4ae32c4d3602ae0302a3d7808a9b3849_JaffaCakes118
Size

218KB
MD5

4ae32c4d3602ae0302a3d7808a9b3849
SHA1

df104574f7c51a779890a34a862caa416f7b679e
SHA256

67eece674251497a806f18a0635341c070e89b6005740ffea3ed5b2502256ba8
SHA512

94002155eb80a778d6f2a60cc7d9733809fa5b2ae2f00d11f1c1397965dcadfae610325715474049e70170608c046403f56541c5f666f81ea7f7430e71e050bf
SSDEEP

6144:RssAOIbaEJZVkxbUPvpbTt0SsFE7jcXc:RsCIL3kxwFt0QYc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ae32c4d3602ae0302a3d7808a9b3849_JaffaCakes118

Files

4ae32c4d3602ae0302a3d7808a9b3849_JaffaCakes118
.exe windows:5 windows x86 arch:x86

97cde9f6716cb85d542955cdd385a596

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\okgCmcGqYt\hhipFfKg\afoQeSnodmtvUO\ykvDsLtdFuqe.pdb

Imports

msvcrt

sscanf
putchar
strtok
wcscspn
_controlfp
islower
fprintf
fputs
iswspace
getenv
wcscmp
mktime
remove
strtol
__set_app_type
strchr
iswprint
__p__fmode
fread
__p__commode
_amsg_exit
fputc
clock
towupper
_initterm
fwrite
_acmdln
bsearch
wcstok
exit
_ismbblead
strcoll
_XcptFilter
mbstowcs
_exit
wcscpy
putc
perror
strpbrk
strncpy
wcsncmp
vswprintf
_cexit
__setusermatherr
setvbuf
free
localtime
__getmainargs

kernel32

GetVersionExA
CreateFileA
SetThreadAffinityMask
EnumResourceNamesW
GetSystemDirectoryW
SetThreadExecutionState
LoadLibraryA
MoveFileA
LockFile
lstrlenA
GetTempFileNameW
VirtualQuery
CreateMailslotW
GetCommModemStatus
SetCommState
CreateNamedPipeW
GlobalMemoryStatus
TryEnterCriticalSection
Sleep
SetThreadContext
lstrcpyA
CloseHandle
HeapFree
GetSystemWindowsDirectoryA
CreatePipe
SetCommMask
VerifyVersionInfoW
GetModuleHandleA
GetModuleFileNameW
lstrlenW
GetFileAttributesExA
HeapSize
GetProcAddress
lstrcmpiA
GlobalHandle
TerminateThread
EnumResourceNamesA
WaitForSingleObject
SetWaitableTimer
GetFileTime
FormatMessageW
GlobalAddAtomA
GetTempFileNameA
GetComputerNameExW
GetFullPathNameA
SetFileAttributesA
GetHandleInformation
VerSetConditionMask
GetBinaryTypeW
SearchPathW
FileTimeToDosDateTime
LCMapStringW
HeapUnlock
GetSystemWindowsDirectoryW
LocalAlloc
SetHandleInformation

shlwapi

StrChrIA

gdi32

Rectangle
OffsetRgn
GetTextColor
CreateDIBitmap
CreatePen
GetPixel
MoveToEx
GetDeviceCaps
SetRectRgn
GetCurrentObject
EnumFontFamiliesW
CreateHalftonePalette
GetTextExtentPointA
SetMapMode
SetDIBColorTable
GetTextExtentExPointW
CreateRectRgn
UnrealizeObject
GetRgnBox
AddFontResourceW
GetTextFaceW
CreateFontIndirectW
GetTextMetricsA
SetDIBitsToDevice
CreatePenIndirect
GetMapMode
GetTextExtentPoint32A
GetStockObject
SetWindowOrgEx
CombineRgn
SetBkColor
GetSystemPaletteEntries
SetTextColor
LineTo
CreateFontA
SetBkMode
DeleteDC
Ellipse
LPtoDP
PtVisible
GetObjectA
CreateDiscardableBitmap
StretchDIBits
BeginPath
GetTextAlign
EndPage
CreateFontW
CreateSolidBrush
PtInRegion
SetViewportExtEx
CreateCompatibleDC

user32

LoadImageA
GetMessageExtraInfo
DrawIconEx
DrawMenuBar
GetScrollInfo
SetScrollRange
OffsetRect
IsIconic
SendMessageTimeoutW
GetMenuStringA
FillRect
PostThreadMessageW
UnionRect
LockWindowUpdate
ChildWindowFromPointEx
DispatchMessageW
AdjustWindowRectEx
GetClassInfoExW
SystemParametersInfoW
ReleaseDC
ScrollWindowEx
IsZoomed
GetMessagePos
ShowWindow
EnableScrollBar
GetMenuStringW
RegisterWindowMessageW
SetParent
DrawStateA
DialogBoxParamA
EnumThreadWindows
MonitorFromRect
EnumWindows
DragObject
MapVirtualKeyExW
CharToOemA
ScrollWindow
IsDlgButtonChecked
SetWindowTextA
DestroyWindow
DeferWindowPos
SetDlgItemTextA
InvalidateRect
KillTimer
GetClipCursor
EnumChildWindows
TileWindows
CreateCursor
GetDlgItem
GetClassLongW
MapWindowPoints
TrackPopupMenu
CharUpperW
LoadMenuA
GetKeyboardLayoutList
LoadBitmapA
GetWindowTextLengthW
IsWindow
keybd_event
wsprintfA
SetPropW
SetLastErrorEx
EndDialog
GetWindowTextA
BeginDeferWindowPos
GetDlgItemTextW
SetActiveWindow
GetWindow
DrawTextW
GetMenuItemRect
GetWindowTextW
SetMenu
FindWindowExW
LoadCursorW
RedrawWindow
ReplyMessage
DrawEdge
MessageBoxA
SetDlgItemInt
GetFocus
SetUserObjectInformationW
CopyRect
RegisterHotKey
CopyImage
LoadStringW
IsWindowVisible
CreateMenu
GetClassLongA
HiliteMenuItem
DrawTextExW
LoadBitmapW
wsprintfW
LoadCursorA
SetCursor
SendNotifyMessageW
LoadIconA
UnloadKeyboardLayout
IsCharLowerA
CreateDialogIndirectParamW
ExitWindowsEx
GetWindowLongW
CopyAcceleratorTableW
CheckRadioButton
DefDlgProcW
GetMonitorInfoW
CharNextW
IsDialogMessageW
IsWindowEnabled
GetDCEx
IsWindowUnicode
WindowFromPoint
SetCursorPos
SendMessageA
PostQuitMessage
ArrangeIconicWindows
SetWindowLongW
LoadAcceleratorsW
OemToCharBuffA
SetClassLongW
ShowWindowAsync

Exports

Exports

?CancelPathA%%DFPAFPAHPAKPAIE~U
?SendSizeEx%%DFGPAIIJ~U
?FindNameW%%DFPAFHH~U
?CopyRectEx%%DFXD~U
?EnumHeaderW%%DFDE~U
?InvalidateNameW%%DFPAIPAJDPA_NK~U
?ModifyPointExA%%DFJFPAEJ~U
?LoadComponentNew%%DFXPADFPAEPAI~U
?GlobalAnchorW%%DFXH~U
?IsOptionExA%%DFPAEED_N~U
?CallObjectW%%DFMJF~U
?FreeModuleOld%%DFXNPAG~U
?CallOptionExW%%DFPADPAM~U
?LoadDateTimeOriginal%%DFHJ~U
?CloseTimeExW%%DFDGMPAJ~U
?IncrementFilePathExW%%DFFFPAK~U
?CloseDialog%%DFFIFH~U
?GlobalChar%%DFKDDI~U
?ValidateAppNameA%%DFDPAMJ~U
?CopyFullNameOld%%DFHPAFPAM~U
?AddProjectExW%%DFPAFGJ~U
?IsValidMutexExW%%DFDIMH~U
?GlobalTask%%DFFGPAIHPAJ~U
?KillValue%%DFEJ~U
?ShowCharExA%%DFPAKG~U
?IncrementNameExA%%DFJEG~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?SetFolderW%%DFPANE~U
?CopySystemA%%DFXPAE~U
?CrtSectionA%%DFJFM~U
?GenerateAnchor%%DFXPAG~U
?IncrementWidthExA%%DFXGPAM~U
?GenerateVersionNew%%DFHEH~U
?SendVersionExW%%DFJEPAF~U
?GetDateTimeNew%%DFPAFMPAHD~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97cde9f6716cb85d542955cdd385a596

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

shlwapi

gdi32

user32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.ticx Size: 7KB - Virtual size: 7KB

.zdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 194KB

.rsrc Size: 182KB - Virtual size: 181KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.ticx
Size: 7KB - Virtual size: 7KB

.zdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 194KB

.rsrc
Size: 182KB - Virtual size: 181KB

.reloc
Size: 1KB - Virtual size: 1KB