5f11dcc525fa2b73f4442322a3636a23_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f11dcc525fa2b73f4442322a3636a23_JaffaCakes118
Size

221KB
MD5

5f11dcc525fa2b73f4442322a3636a23
SHA1

715107fa2cb0fa93c9b1de163a34d6da63eb4ea7
SHA256

034ab7d92a06f5f985629cc5afd47fb02d80ea1187eef3e1120088755d1d83b2
SHA512

456bbe48370eee2182318abd11d5adb462275d7c5a058d347ad78ee3adf2deee6983c6460b7ace9267d77cf7de2e8c32a840b92412f20f82433173333ca98f7d
SSDEEP

3072:LC6EVY+dD4xM+B5JWldVoRN6oBPb7WZcHfs9gQve1eUOf90DAvUBKFDAYbaMfk7O:+xdMJBaldWv7IcHfs9WOyDUU8zk7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f11dcc525fa2b73f4442322a3636a23_JaffaCakes118

Files

5f11dcc525fa2b73f4442322a3636a23_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4f67001a015c6c333e4635a5425db82c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\ovmWQtRQrtzpe\ixkwskLbpa\QEHhekdazt\JqPpZddOAmE.pdb

Imports

gdi32

PtInRegion
CreateCompatibleBitmap
GetTextExtentPoint32W
SetLayout
EndPath
SetBitmapDimensionEx
SaveDC
SetROP2
StretchDIBits
SetWindowExtEx
GetDIBits
CreateFontA
DeleteDC
RoundRect
SetBrushOrgEx
GetTextMetricsW
CreateCompatibleDC
GetCurrentObject
LPtoDP
CreateBrushIndirect
AddFontResourceW
StartDocW
SetWindowOrgEx
SetPaletteEntries
UnrealizeObject
SelectObject
BeginPath
Rectangle
LineTo
FillRgn
GetPaletteEntries
GetBitmapBits
CreateDiscardableBitmap
SetBkColor
CreateDCW
SetDIBitsToDevice
PathToRegion
GetTextExtentPointW
GetTextFaceW
CreateBitmap
GetNearestPaletteIndex
MoveToEx
RectVisible
CreateRoundRectRgn

msvcrt

towupper
iswctype
swscanf
isalnum
wcscspn
calloc
_controlfp
__set_app_type
wcscpy
__p__fmode
__p__commode
free
puts
wcscat
fputs
_amsg_exit
vswprintf
vsprintf
isdigit
atol
iswxdigit
_initterm
_acmdln
srand
fclose
exit
malloc
_ismbblead
wcstombs
iswspace
atoi
fseek
putc
setlocale
clearerr
strcoll
isupper
_XcptFilter
remove
_exit
strncmp
_cexit
wcscmp
ungetc
__setusermatherr
__getmainargs

user32

SetForegroundWindow
DrawTextW
DispatchMessageA
DispatchMessageW
CharPrevA
InsertMenuItemW
MonitorFromPoint
LoadImageW
DefFrameProcW
GetMessageW
MapWindowPoints
UpdateWindow
GetWindowTextA
OffsetRect
CharToOemBuffA
OpenInputDesktop
HiliteMenuItem
GetCaretPos
DestroyWindow
CallWindowProcW
GetWindowLongA
MessageBoxExA
ChildWindowFromPoint
TranslateAcceleratorA
CheckMenuRadioItem
RedrawWindow
InvertRect
BeginPaint
GetClassInfoW
LockWindowUpdate
GetClassLongW
InsertMenuW
CharPrevW
RemoveMenu
GetDC
SendMessageW
GetFocus
GetActiveWindow
DestroyMenu
AdjustWindowRect
ModifyMenuW
ShowWindowAsync
LoadAcceleratorsA
SystemParametersInfoW
LookupIconIdFromDirectory
ToUnicodeEx
TranslateAcceleratorW
DrawFrameControl
GetShellWindow
ScreenToClient
MessageBoxExW
GetDlgCtrlID
DrawTextA
GetMonitorInfoW
ScrollWindow
InvalidateRect
LoadMenuW
SetMenu
SetScrollRange
wvsprintfW
SetWindowLongA
DialogBoxIndirectParamA
GetTopWindow
CheckMenuItem
LoadMenuA
GetDlgItemInt
GetDlgItemTextW
IsCharUpperA
IsZoomed
GetKeyNameTextW
EnableMenuItem
DestroyCursor
DrawIcon
AdjustWindowRectEx
GetDesktopWindow
IsRectEmpty
FindWindowExA
RegisterWindowMessageA
ArrangeIconicWindows
SendMessageTimeoutA
GetNextDlgGroupItem
FindWindowA
CharToOemW
CreateMenu
OemToCharBuffA
MoveWindow
OemToCharA
TranslateMessage
SendDlgItemMessageW
DefFrameProcA
FillRect
EndTask
DeleteMenu
DrawFocusRect
IsDialogMessageW
SetTimer
DragObject
wsprintfW
GetUserObjectInformationA
CharUpperBuffA
CreateAcceleratorTableW
GetDlgItemTextA
DialogBoxIndirectParamW
MapVirtualKeyExW
EnableWindow
GetUpdateRect
CharLowerBuffW
UnionRect

kernel32

GetExitCodeProcess
GetProcAddress
SetErrorMode
GetModuleHandleW
GetFileAttributesW
CancelWaitableTimer
RaiseException
GetAtomNameA
IsValidLocale
GetTimeFormatA
CreateRemoteThread
MoveFileExW
CreateNamedPipeA
GetTickCount
WaitForMultipleObjects
GetCurrentProcessId
OpenProcess
IsBadStringPtrW
ReadConsoleInputW
lstrlenA
FindFirstFileW
RemoveDirectoryW
EnumResourceNamesW
GetComputerNameExA
OpenFileMappingW
OpenEventA
FindNextChangeNotification
HeapCreate
GetOEMCP
LCMapStringA
GlobalFlags
ReleaseMutex
HeapReAlloc
GlobalSize
GetFileAttributesA
FileTimeToSystemTime
FindFirstFileA
CreateMailslotW
GetTempPathW
LockFile
VerifyVersionInfoW
CopyFileA
GetShortPathNameA
GetModuleHandleA
lstrcatW
CreatePipe
SetUnhandledExceptionFilter
GlobalHandle
ExitThread
lstrlenW
CreateDirectoryW
VirtualAlloc
lstrcmpW
GetSystemDirectoryW

comdlg32

ChooseFontW
CommDlgExtendedError
GetFileTitleW
ChooseColorW
ReplaceTextW

comctl32

ImageList_Draw
CreatePropertySheetPageA
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_LoadImageW

Exports

Exports

?CopyExpressionOld@@YGHPAGGK&U
?AddSectionA@@YGJPAJK&U
?InsertProjectNew@@YGPA_NK&U
?InsertEventNew@@YGPADPAH&U
?InstallRectA@@YGNJJ&U
?CloseProjectOriginal@@YGFDDKE&U
?EnumRectExW@@YGDG&U
?CrtWidthOld@@YGGGGE&U
?IncrementFolder@@YGGPAKJ&U
?CloseFilePathNew@@YGDPAGMJM&U
?IsMutexExA@@YGHI&U
?HideWindowEx@@YGPADPAHPAIK&U
?GenerateMutantW@@YGIHGM&U
?RtlMediaTypeOriginal@@YGPAJPAEPADI&U
?FindAnchor@@YGPAGG&U
?RemoveArgumentExA@@YGPAFNGE&U
?SendProjectOriginal@@YGDJPAHPA_NPAK&U
?CloseDateNew@@YGXJ&U
?HideHeaderEx@@YGED&U
?OnScreenEx@@YGPAIMPAI_NPAM&U
?ModifyHeightOld@@YGPAXKDPAK&U
?IsValueOld@@YGHPAM&U
?ModifyConfigExW@@YGXPAJ&U
?GetFileEx@@YGFE&U
?ShowFunction@@YG_NI&U
?PutDialogOld@@YGH_N&U
?CrtFolderPathNew@@YGXGPAD&U
?EnumMonitorNew@@YGMKEPA_N&U
?KillWindowInfoOriginal@@YGXPAGPAHPAJPAJ&U
?InstallFileOriginal@@YGPAFHPAE&U
?InvalidateRectExW@@YGXN&U
?PutFunctionW@@YGGGGDH&U
?ModifyStateOriginal@@YGKPAHIG&U
?IsValidConfigExA@@YGHKPAGPAN&U

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bitdat2
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f67001a015c6c333e4635a5425db82c

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

user32

kernel32

comdlg32

comctl32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 192KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bitdat2 Size: 512B - Virtual size: 32B

.bitdat0 Size: 5KB - Virtual size: 5KB

.bitdat1 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 926B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 192KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bitdat2
Size: 512B - Virtual size: 32B

.bitdat0
Size: 5KB - Virtual size: 5KB

.bitdat1
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 926B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB