4b32b2af1b8806580a09698ed3734494_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b32b2af1b8806580a09698ed3734494_JaffaCakes118
Size

144KB
MD5

4b32b2af1b8806580a09698ed3734494
SHA1

aa84c616855696271c979c48415f5cc6f2bde741
SHA256

ba8cbe36b3714e60c97a07a9861a3809a208228cd68f2d40372f38112865a608
SHA512

75383afd1ca415f0f9dcd198af849be4a04e32b01c80ad316fd38b2ddd2a13cd1fa86c66db7435234757ae9f2d12bffbded9dee152db93da0efde9505d14db41
SSDEEP

3072:foYxFQd12RMTrR5/zVL/j4IOnwXyt4lcUJfs93xIThaz:f7g12mD9jInEy26I4xH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b32b2af1b8806580a09698ed3734494_JaffaCakes118

Files

4b32b2af1b8806580a09698ed3734494_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7871d36be1d9b9712fc6eb92f06dc228

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\duepjuq\ffwCaffbosv\iljzzYal\VrtafxtLjO\tuuyeFvkvdc.pdb

Imports

msvcrt

_controlfp
realloc
free
strstr
__set_app_type
putc
__p__fmode
strpbrk
remove
strspn
localtime
__p__commode
time
_amsg_exit
islower
_initterm
isspace
wcstombs
isprint
mbtowc
_ismbblead
perror
_XcptFilter
qsort
fflush
_exit
vsprintf
isalpha
wcstod
wcscpy
_cexit
memset
vswprintf
atoi
clock
getc
towlower
wcsstr
toupper
isalnum
strtoul
__setusermatherr
ftell
wcscmp
floor
printf
__getmainargs
strtok

kernel32

FindResourceExA
TlsGetValue
lstrcatW
GetCommandLineA
CreateFileMappingW
LoadLibraryExW
AddAtomA
GetHandleInformation
SetLastError
CancelIo
CompareStringA
SizeofResource
HeapReAlloc
FreeResource
DefineDosDeviceW
WaitForMultipleObjects
SetCommMask
GetModuleFileNameA
lstrcpynW
SetCommBreak
GlobalCompact
SetFileAttributesW
FindFirstFileA
LocalReAlloc
CreateDirectoryA
EnumResourceLanguagesA
LocalAlloc
SearchPathA
GetProcessHeap
SetSystemTimeAdjustment
HeapFree
RaiseException
RemoveDirectoryW
SetCommState
CreateEventW
GlobalFree
HeapAlloc
ReadFile
EnumResourceTypesA
SleepEx
GetThreadTimes
OpenFileMappingA
GetLocaleInfoW
FoldStringW
SetThreadExecutionState
GetVersionExW
GetUserDefaultLCID
EnumResourceNamesA
GetCurrentThreadId
LocalFree
GlobalFlags
ReleaseSemaphore
CreateNamedPipeW
OpenEventW
FileTimeToLocalFileTime
lstrcatA
GetTempPathW
IsBadCodePtr

user32

OpenInputDesktop
DrawStateW
GetWindowModuleFileNameW
OemToCharA
ActivateKeyboardLayout
GetKeyNameTextW
GetGUIThreadInfo
SetMenu
RemovePropW
DispatchMessageA
DrawIconEx
CreateIconIndirect
SetWindowRgn
CreateWindowExA
IsZoomed
AdjustWindowRectEx
UnloadKeyboardLayout
HideCaret
DestroyCaret
ShowWindowAsync
LoadAcceleratorsW
LoadCursorA
SetClassLongW
GetSystemMetrics
GetFocus
ShowWindow
SendDlgItemMessageW
GetKeyState
SetScrollPos
GetNextDlgGroupItem
GetWindowTextLengthW
CharToOemW
LoadImageW
GetMessageW
PostQuitMessage
ShowCaret
FillRect
FindWindowExA
CharPrevA
DefWindowProcW
GetWindowPlacement
CharUpperBuffA
ModifyMenuW
IsCharAlphaNumericW
GetMenuStringW
SetParent
ChildWindowFromPoint
DispatchMessageW
SetActiveWindow
GetWindow
IsDlgButtonChecked
SetSysColors
SetMenuDefaultItem
CheckDlgButton
CopyRect
PostMessageA
UnionRect
wsprintfW
TranslateAcceleratorA
InvertRect
IsRectEmpty
TranslateAcceleratorW
DrawTextA
SystemParametersInfoW
LoadImageA
ExitWindowsEx
DefFrameProcW
SendMessageTimeoutA
OffsetRect
GetMessageTime
EnumChildWindows
MapWindowPoints
GetUpdateRgn
GetSystemMenu
FindWindowExW
GetClassNameW
HiliteMenuItem
DefFrameProcA
GetClassInfoW
GetClassLongA
ChildWindowFromPointEx
LoadStringA
DestroyAcceleratorTable
TileWindows
CopyAcceleratorTableW
GetActiveWindow
SetForegroundWindow
LoadBitmapW
UpdateWindow
GetPropW
SendMessageA
GetDoubleClickTime
GetShellWindow
CharPrevW
SetWindowPos
ArrangeIconicWindows
SetWindowTextW
TrackPopupMenuEx
GetKeyboardLayout
IntersectRect
IsWindowVisible
FindWindowA
SetMenuItemBitmaps
CheckRadioButton
SetLastErrorEx
InsertMenuA
DialogBoxIndirectParamW
AppendMenuW
LookupIconIdFromDirectory
ToUnicodeEx
ClientToScreen
CreateWindowExW
OpenIcon
GetSysColor
GetCaretBlinkTime
MessageBoxA
LoadIconA
AllowSetForegroundWindow
IsCharAlphaW
GetDlgItem
LoadCursorW
InternalGetWindowText
AppendMenuA
ShowScrollBar

comdlg32

PageSetupDlgW
FindTextW
GetSaveFileNameA
ReplaceTextW

shlwapi

StrToIntW

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7871d36be1d9b9712fc6eb92f06dc228

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

comdlg32

shlwapi

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 21KB - Virtual size: 145KB

.rsrc Size: 112KB - Virtual size: 111KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 21KB - Virtual size: 145KB

.rsrc
Size: 112KB - Virtual size: 111KB

.reloc
Size: 2KB - Virtual size: 1KB