5b92a2e4dcbee4aa954a0ba82789f5aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b92a2e4dcbee4aa954a0ba82789f5aa_JaffaCakes118
Size

164KB
MD5

5b92a2e4dcbee4aa954a0ba82789f5aa
SHA1

57dcc6cca8a6f2f3372e16da97e773b4a28bb9a2
SHA256

ffcac43905e18f0f3af32a797931646046edbf5a5cbf1606c060359a2b32ce2e
SHA512

eb85fecf59e4499ff41adefb8ff623b56bb302aaaed1a47e9d5508b243803168eba63bb80a9a4396c61712d9f7079a6f8636472fdd6a25f05acef22044898a73
SSDEEP

3072:eGffutzaSEMVBdQVPV77JQTfRnpyleRUPglF5XooC8MGfOmZw7:enVBOTwaPgj54oC8tOm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b92a2e4dcbee4aa954a0ba82789f5aa_JaffaCakes118

Files

5b92a2e4dcbee4aa954a0ba82789f5aa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1d07e0280461fdfac6fb95dcb7d31e13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\KzvgfpSej\GuEhyrwly\DqhvozPAGrwuhv\weivejcvBaL\ZIoistcnctVoaf.pdb

Imports

comdlg32

PrintDlgExW
GetOpenFileNameW
GetSaveFileNameA

msvcrt

_controlfp
__set_app_type
__p__fmode
ftell
__p__commode
_amsg_exit
_initterm
strspn
wcsncpy
fputs
_acmdln
exit
_ismbblead
_XcptFilter
isalpha
_exit
_cexit
__setusermatherr
iswalpha
iswctype
fflush
wcscmp
__getmainargs
strcpy
wcscspn
fread

shlwapi

PathRemoveBlanksW
StrToInt64ExW

kernel32

DeleteFileW
GetShortPathNameW
TlsSetValue
InitializeCriticalSection
GetComputerNameW
LoadLibraryA
GetThreadTimes
SetErrorMode
ReleaseSemaphore
ReleaseMutex
IsDBCSLeadByteEx
HeapSize
QueryPerformanceCounter
GetShortPathNameA
GetTickCount
GetTempFileNameA
LoadLibraryW
HeapFree
DisconnectNamedPipe
GetFileInformationByHandle
SetCommBreak
ExitProcess

gdi32

GetDIBColorTable
CreatePen
GetTextColor
GetStockObject
SetTextAlign
RoundRect
GetViewportOrgEx
PatBlt
MoveToEx
SetBrushOrgEx
CreatePalette
GetTextExtentPoint32W
GetTextExtentPointA
DPtoLP
CreateDCW
Rectangle
SetBitmapBits
Polyline

user32

DestroyIcon
EqualRect
MessageBoxExA
CreateIconIndirect
GetScrollPos
GetWindowLongW
IsMenu
DefFrameProcA
OpenIcon
RegisterWindowMessageA
IsWindowUnicode
WaitMessage
InflateRect
MonitorFromPoint
GetMenuItemInfoW
CheckMenuRadioItem
GetMenuState
SendMessageTimeoutW
GetDialogBaseUnits
PostMessageA
TranslateAcceleratorA
OpenDesktopW
GetMenuStringA
GetKeyboardLayout
GetDlgItemTextA
GetMenuItemID
AdjustWindowRectEx
mouse_event
RedrawWindow
GetWindowTextLengthW
HiliteMenuItem
GetDCEx
CreateDialogParamW
InSendMessage
DrawIconEx
IsChild
TabbedTextOutW
SetPropW
IsDialogMessageA
DrawFocusRect
SetRect
GetFocus
keybd_event
DispatchMessageA

Exports

Exports

?RemoveStringA@@YGPAEEH&U
?FreeDateTimeOriginal@@YGXFFPA_NPAJ&U
?SetDateTimeOriginal@@YGXEI&U
?ShowTimerNew@@YGPAXPAGPAE&U
?ModifyPathA@@YGPAKJJ&U
?InstallCommandLine@@YGDMG&U
?GetMediaTypeW@@YGPAEPAKPAIDH&U
?AddWidthOriginal@@YGEF&U
?FreeClassW@@YGDK&U
?DecrementSectionNew@@YGHDPADPAMPAJ&U
?ValidateProcessOld@@YGPAJKF&U
?GenerateProvider@@YGPADPAHHPADI&U
?GlobalMediaTypeEx@@YGPAXPAFPAH&U
?InvalidateAppNameNew@@YGIDPAHPAD&U
?CloseMessage@@YGXPAF&U
?InvalidateMessageW@@YGDJH&U
?InstallSizeOld@@YGPADKI&U
?IsValidArgumentA@@YGPAXEH&U
?DecrementModule@@YGHEPAH&U
?KeyboardExA@@YGPAG_NH&U
?CrtMonitorExA@@YGNPAFEFH&U
?DecrementDataW@@YG_NHGFPAJ&U
?OnRectExW@@YGFMD&U
?EnumDialogExW@@YGHNNPAKPAF&U
?ValidateOptionOriginal@@YGDG&U
?InvalidateListItemOriginal@@YGHDPAJPAM&U
?AddSizeA@@YGPAKHDD&U
?ModifyProcessExA@@YGPAEGPA_N&U
?CancelPenNew@@YGEFPAEDPAM&U
?ModifyMessageW@@YGPAHPAEFKM&U
?PutRect@@YGPAJJ&U
?CloseSemaphoreOld@@YGPAIJJMN&U
?FindMediaTypeNew@@YGPAXKNPAIM&U
?AddEggLogicDiuyhJD@@YGKPA_WKH@Z
?IsAnchorExW@@YGGPAM&U
?IsValidList@@YGJGPAGPAFPAK&U
?ObjectExW@@YGHN&U
?OnWindowNew@@YGIPAK&U
?ModifyScreenW@@YGJPAKPADPAJJ&U
?PutFileOriginal@@YGPAFJ&U
?HideModuleOriginal@@YGPAKEIJF&U
?GetDate@@YGPAJPAJPAH&U
?GenerateFunction@@YGEKF_N&U
?SetDateNew@@YGMNPAFEPAK&U
?RemoveNameExW@@YGFPADIPAGN&U
?CallMutexOld@@YGPAXPAEGK&U
?GenerateWindowInfoA@@YGXD&U
?InstallState@@YGMEJPAHJ&U
?LoadListOriginal@@YGDFPADPAGPAE&U
?KillArgumentOld@@YGKF&U
?GetEventExW@@YGPAJEPAHH&U
?SendClassA@@YGJDMG&U
?LoadComponentExA@@YGPAKPAGPAF&U
?HideListW@@YGXDIHF&U
?IsValidMutantW@@YGPADGF&U
?EnumValueOriginal@@YGEPAGPAKME&U
?IncrementListItemExA@@YGPADKEM&U
?ValidateList@@YGFFHKN&U
?InstallFunctionNew@@YGFHPADH&U
?ModifyFilePathEx@@YGPAJDHF&U
?DeleteSemaphoreEx@@YGPA_NFNJD&U
?CrtStringA@@YGXPAMPADPAN&U
?IsValidSemaphoreEx@@YGFDMG&U
?IsValidTimeW@@YGPAHKJ&U
?FormatHeightW@@YGKJGPAFPA_N&U
?CloseNameA@@YGPA_NFGGN&U
?EnumDateExW@@YGPANPAMPAM&U
?GenerateDirectoryOriginal@@YGIEPAH_NPAG&U
?IsFullNameExA@@YGGPAFJ&U
?GeneratePointerNew@@YGXFPAJPAD&U
?DeletePointerW@@YGINPAFPAEN&U
?SetMutexOld@@YGMEIN&U
?SetKeyboardEx@@YGEPANPAG_N_N&U
?HeightExW@@YGPADMPAKH&U
?InstallMessageExW@@YGNPAHKFE&U
?InsertTimerEx@@YGXJ&U
?FreeFullName@@YGMEJFH&U
?KillCommandLineEx@@YGKF&U
?ValidateProviderOriginal@@YGGDIKE&U
?FormatProviderExW@@YGK_NPAKDPAJ&U
?LoadAnchorNew@@YGJM&U
?FindCommandLineExW@@YGKPAIJPAD&U
?CloseDateOriginal@@YGKMKFE&U
?RemoveHeaderEx@@YGFPAJPAN&U
?AddFunction@@YGPAKHI&U
?CancelProviderExA@@YGPAEPAHHHH&U
?KillProjectEx@@YGXIG_NPAE&U
?GlobalKeyNameExA@@YGXM&U
?InstallValueEx@@YG_NE&U
?RtlMutexEx@@YGDI&U
?GenerateOptionExA@@YGPAIJPAJ&U
?GlobalAnchorOld@@YGPA_NPAFPAJKE&U
?GlobalWindowInfoNew@@YGXM&U
?GetClass@@YGHPAJKN&U
?SetProviderEx@@YGGGJ&U
?DecrementWindowInfoOld@@YGXPAN&U
?FreeSection@@YGXDMPADJ&U
?GlobalDateTimeExA@@YGXN&U
?CopySystemOld@@YGPAEPAEM&U
?RtlPenNew@@YGNNHG&U
?SendFolderPathEx@@YGPAXPAHKMH&U
?LoadProviderA@@YGPAFN&U
?CloseMutantOriginal@@YGMHJPAIE&U
?CancelDialogW@@YGXGKD&U
?ValidateAnchorExA@@YGDPAF&U
?DecrementMessageExW@@YGXFPAHDF&U
?CopyMediaType@@YGPAXPAK&U
?DecrementClassEx@@YGKJH&U
?GenerateObjectEx@@YGIGKPA_NN&U
?GetObjectExW@@YGXPA_NJPADM&U
?RtlFolder@@YGJHKI&U
?InsertOptionOld@@YGIPANPAGPAKE&U
?CloseDataA@@YGHPAFPAIPAKPAM&U
?DecrementEventOriginal@@YGFF&U
?IncrementProfileW@@YGJDDIF&U
?IsComponentOld@@YGE_N&U
?FindModuleOld@@YGHPA_N&U
?LoadAppNameExA@@YGXPAKIPAKM&U
?IsNotArgumentExA@@YGPA_NPAJKHJ&U
?RemoveNameW@@YGPAKPA_NH&U
?IsMediaTypeW@@YGFPAIJEG&U
?GlobalDateNew@@YGPAHPAKNI&U
?HideOption@@YGPAXNJPAGPAI&U
?GlobalAnchorOriginal@@YGPAJGPAMPAG&U
?IsValidKeyboardOriginal@@YGEKDJ&U
?InvalidatePointerNew@@YGXPAM_N&U
?InvalidateScreenExA@@YGKI&U
?DeleteCharOriginal@@YGPAGDM&U
?RemoveFunctionW@@YGGGJK&U
?RtlWindowInfoOld@@YGPADEM_NF&U
?AddMemoryOriginal@@YGPANHPAG&U
?GetFileW@@YGPA_NPADPAJPA_NJ&U
?ValidateStringA@@YGPAEGDPAH&U
?RemoveSystemExW@@YGIPAEK&U
?EnumPathOld@@YGXHDGE&U
?ModifyListItemEx@@YGXEEPAFPAK&U
?RtlObject@@YGPAXGGPAFK&U
?CrtDateNew@@YGPAKFK&U
?CancelFullNameOld@@YGMPAJ&U
?OnMemoryOld@@YGPANPAIKFH&U
?GeneratePathNew@@YGFGPAJPAK&U
?KillNameExW@@YGJHPAJ_N&U
?ShowMediaType@@YGKFPADII&U

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.simp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.stit
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.set
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdbg
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvar
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 512B - Virtual size: 449B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.raw
Size: - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d07e0280461fdfac6fb95dcb7d31e13

Headers

File Characteristics

PDB Paths

Imports

comdlg32

msvcrt

shlwapi

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.simp Size: 2KB - Virtual size: 2KB

.dbug Size: 512B - Virtual size: 28B

.stit Size: 1024B - Virtual size: 516B

.set Size: 6KB - Virtual size: 5KB

.sdbg Size: 512B - Virtual size: 93B

.dvar Size: 512B - Virtual size: 44B

.dpt Size: 512B - Virtual size: 449B

.wdata Size: 1024B - Virtual size: 716B

.data Size: 1KB - Virtual size: 1KB

.raw Size: - Virtual size: 121KB

.rsrc Size: 126KB - Virtual size: 125KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.simp
Size: 2KB - Virtual size: 2KB

.dbug
Size: 512B - Virtual size: 28B

.stit
Size: 1024B - Virtual size: 516B

.set
Size: 6KB - Virtual size: 5KB

.sdbg
Size: 512B - Virtual size: 93B

.dvar
Size: 512B - Virtual size: 44B

.dpt
Size: 512B - Virtual size: 449B

.wdata
Size: 1024B - Virtual size: 716B

.data
Size: 1KB - Virtual size: 1KB

.raw
Size: - Virtual size: 121KB

.rsrc
Size: 126KB - Virtual size: 125KB

.reloc
Size: 1KB - Virtual size: 1KB