4cec5bf6a14cf8ee4f0b8cc8eca867ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4cec5bf6a14cf8ee4f0b8cc8eca867ca_JaffaCakes118
Size

136KB
MD5

4cec5bf6a14cf8ee4f0b8cc8eca867ca
SHA1

cbf5cb9aa1ddf1b068fddb7887dc8afbd2dd1951
SHA256

72910edffca0c858823882efd9d9928da8893ea135c3fecd0a0e5feced50d6a9
SHA512

56500a89503dfd9579f7fdbd30457bf221270a4b2e8022c8f71aa44086921e2e85950c6004094e29dab3c55131651abd45ee8756589fa07a36d525eb901bd0d8
SSDEEP

3072:bjk+qa3zQYitHFTkSq5WkLFGU6/GK44wvePsZSp/H0MYhF/CRU8S:bHDyrASqAHU6/GK44wvePsZsUX+E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cec5bf6a14cf8ee4f0b8cc8eca867ca_JaffaCakes118

Files

4cec5bf6a14cf8ee4f0b8cc8eca867ca_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eaf22efb69dab941a22e1fcdcd030eb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\ixOwomgAIeylz\kuPhlMGyl\qDRVuZj\lqBuZgfpj\tceoVhlq.pdb

Imports

msvcrt

_controlfp
wcstod
iswspace
getc
wcsrchr
mbtowc
bsearch
ftell
__set_app_type
__p__fmode
iswalpha
fflush
wcslen
towupper
__p__commode
toupper
strcpy
fputc
putc
_amsg_exit
free
strstr
remove
_initterm
rand
calloc
localtime
wcspbrk
fprintf
iswdigit
puts
_ismbblead
_XcptFilter
_exit
wcstok
isprint
fputs
sscanf
iswprint
exit
_cexit
__setusermatherr
wcsncpy
__getmainargs
fread
fgets
strtoul

kernel32

GlobalMemoryStatusEx
GetCurrentThread
CreateMailslotW
GetCommandLineA
GetTickCount
GetComputerNameA
lstrcmpW
FindResourceA
RemoveDirectoryA
Sleep
GetDateFormatA
SetErrorMode
SetUnhandledExceptionFilter
IsBadReadPtr
lstrcatW
GetVersionExA
AddAtomA
GlobalMemoryStatus
FlushViewOfFile
CancelWaitableTimer
ResumeThread
GetSystemDirectoryA
GetModuleHandleA
GetModuleFileNameA
GetFileAttributesExW
FileTimeToDosDateTime
GetOEMCP
CompareStringW
CreateRemoteThread
GlobalSize
MulDiv
GlobalFlags
EnumSystemLocalesA
CreateSemaphoreA
LocalUnlock
SuspendThread
GetCommProperties
HeapSize
GetFileSize
IsValidLanguageGroup
LockResource
GetLocaleInfoA
GlobalUnlock
GetThreadLocale
HeapUnlock
SleepEx
WinExec
GetWindowsDirectoryA
SetFileTime
GetVersion
GetACP
GetStartupInfoA
SetLastError
EnumResourceNamesA
VerSetConditionMask
LCMapStringW
WaitForSingleObject

user32

PostMessageA
AllowSetForegroundWindow
SetRectEmpty
ExitWindowsEx
GetKeyState
GetShellWindow
SendDlgItemMessageA
DefWindowProcW
DestroyWindow
CreateWindowExA
GetMenuStringW
FindWindowW
GetScrollRange
GetDialogBaseUnits
GetCursorPos
GetMenuCheckMarkDimensions
CharLowerW
VkKeyScanW
LoadMenuW
GetWindowLongA
WindowFromPoint
InternalGetWindowText
SendMessageA
KillTimer
GetAsyncKeyState
SetDlgItemInt
GetWindowLongW
SetMenuItemBitmaps
EnumThreadWindows
SetWindowPlacement
SetWindowRgn
EnableMenuItem
IsCharUpperA
GetCaretPos
GetSystemMenu
SetPropW
CharToOemA
wvsprintfA
AdjustWindowRectEx
GetMenuItemID
SetDlgItemTextA
SetMenuItemInfoW
SetWindowLongA
ReplyMessage
HideCaret
ShowScrollBar
TranslateMessage
GetWindowTextA
GetUpdateRect
SystemParametersInfoW
CreateMenu
GetParent
LoadImageW
SetCursorPos
GetWindowRect
GetWindowTextW
DestroyCaret
GetUserObjectInformationW
CheckMenuRadioItem
ShowOwnedPopups
SetFocus
GetKeyboardLayoutNameW
GetScrollInfo
GetDlgItem
LoadImageA
GetNextDlgTabItem
FindWindowExW
ChangeMenuW
IsCharLowerA
GetMenu
GetForegroundWindow
DefDlgProcW
RegisterClassA
SetWindowPos
InvalidateRect
CheckMenuItem
RegisterClassW
IsMenu
DispatchMessageW
DrawFocusRect
EnumChildWindows
GetMessagePos
AdjustWindowRect
InsertMenuW
WaitForInputIdle
TabbedTextOutW
AppendMenuW
IsCharAlphaA
ToUnicodeEx
TrackPopupMenu
DefFrameProcA
CloseDesktop
DialogBoxIndirectParamA
GetDCEx
SendDlgItemMessageW
TileWindows
GetMenuItemCount
PostQuitMessage
GetMessageExtraInfo
MapVirtualKeyW
CreateCaret
EnableScrollBar
GetWindowPlacement
RemovePropW
CreateCursor
CheckRadioButton
DeferWindowPos
DrawMenuBar
GetFocus
MapVirtualKeyA
CharUpperA
SendMessageW
CascadeWindows
GetSysColor
wsprintfW
ChildWindowFromPointEx
ReleaseDC
DrawTextW
SwitchToThisWindow
CharNextW
EqualRect
DrawStateW

shlwapi

UrlGetPartA

Exports

Exports

?RedirectOutputMsg@@YGKPBDDKPAX:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cexp
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.regs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.citab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$dbug
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lime
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdat
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eaf22efb69dab941a22e1fcdcd030eb3

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.cexp Size: 512B - Virtual size: 95B

.regs Size: 1KB - Virtual size: 1KB

.citab Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 56KB

.$dbug Size: 512B - Virtual size: 110B

.lime Size: 512B - Virtual size: 362B

.tdat Size: 512B - Virtual size: 192B

.rsrc Size: 101KB - Virtual size: 101KB

.text
Size: 22KB - Virtual size: 21KB

.cexp
Size: 512B - Virtual size: 95B

.regs
Size: 1KB - Virtual size: 1KB

.citab
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 56KB

.$dbug
Size: 512B - Virtual size: 110B

.lime
Size: 512B - Virtual size: 362B

.tdat
Size: 512B - Virtual size: 192B

.rsrc
Size: 101KB - Virtual size: 101KB