617e209d9c9fffcb06c98395e5924f09_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

617e209d9c9fffcb06c98395e5924f09_JaffaCakes118
Size

199KB
MD5

617e209d9c9fffcb06c98395e5924f09
SHA1

b76b4b092eafb4c4ea557ff55660a28c45e69f6c
SHA256

0f81c7d662e17046e9eb90f3af878e37a83a38aba19114cf36ffde8754682390
SHA512

296d96347efea2f6dd7fb7e499ca1aa2d9c5c44e657dd838660d75b1c5f3617cc1bb33b1dca1b11db804ed8e8ad456a8b30be39f32e45951af07d18bd7219eb1
SSDEEP

6144:GJ4o2EfQyhHR20hbqZdhnA8BONAvprBkvlLOYZh:wfU0I7VBOMZuIY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
617e209d9c9fffcb06c98395e5924f09_JaffaCakes118

Files

617e209d9c9fffcb06c98395e5924f09_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f61760cda856cb2d574dab1aaa2aa6fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\gkybpJVlT\SrfNdFyu\hjDlhovTnoiz\GrfgtAllygoy.pdb

Imports

msvcrt

isprint
getenv
isalnum
strrchr
_controlfp
mktime
strcspn
__set_app_type
fwrite
__p__fmode
setvbuf
fflush
isdigit
__p__commode
strtok
iswprint
strtol
iswspace
iswxdigit
wcstod
rand
_amsg_exit
_initterm
_ismbblead
strncmp
calloc
_XcptFilter
sscanf
vswprintf
wcsncmp
iswdigit
_exit
putchar
wcscmp
iswalpha
_cexit
__setusermatherr
getc
fputs
strspn
qsort
malloc
wcscoll
fprintf
__getmainargs
toupper
wcstok

comctl32

CreateToolbarEx
ImageList_Draw
ImageList_Write
CreateStatusWindowW
ImageList_Read
ImageList_AddMasked

user32

wvsprintfW
mouse_event
CopyRect
IsWindowUnicode
SetRectEmpty
DrawMenuBar
DeferWindowPos
FindWindowW
ArrangeIconicWindows
GetDCEx
GetDlgCtrlID
SendMessageTimeoutW
DestroyIcon
AppendMenuA
ShowWindow
EndPaint
DefDlgProcA
SetActiveWindow
GetActiveWindow
DrawTextA
IsWindowVisible
DestroyMenu
TabbedTextOutW
SendDlgItemMessageW
GetKeyState
IsDialogMessageW
GetKeyboardLayoutList
GetWindowTextA
ToUnicodeEx
CopyImage
SendMessageA
GetDialogBaseUnits
EnumWindows
GetMonitorInfoW
InvalidateRgn
wsprintfA
CheckMenuRadioItem
DeleteMenu
GetMessagePos
TranslateMessage
InsertMenuItemW
IsCharUpperA
EnumThreadWindows
GetWindowDC
GetDlgItem
IsCharAlphaA
GetUpdateRect
DispatchMessageW
DrawFrameControl
SetForegroundWindow
IsIconic
LookupIconIdFromDirectory
CharNextW
MessageBoxExA
InsertMenuW
GetMenu
FillRect
GetParent
GetClassLongW
GetDoubleClickTime
GetWindowLongW
GetClassLongA
GetKeyboardLayoutNameW
SetRect
LoadCursorA
SetCursorPos
IsCharAlphaW
CharNextA
GetWindowLongA
GetSystemMetrics
MapVirtualKeyA
KillTimer
wvsprintfA
InvertRect
ShowCursor
RegisterHotKey
ClientToScreen
RegisterWindowMessageW
IntersectRect
GetUserObjectInformationW
DefWindowProcA
wsprintfW
CreateDialogIndirectParamW
CharUpperW
EqualRect
AdjustWindowRect
GetDlgItemTextW
GetDlgItemInt
DefFrameProcA
CharLowerW
GetLastActivePopup
PostMessageA
GetUserObjectInformationA
GetMenuItemCount
SetCursor
MoveWindow
CharPrevW
ScrollWindowEx
SetMenuItemInfoW
SetMenuItemBitmaps
SetUserObjectInformationW
DrawIcon
MapVirtualKeyW
AllowSetForegroundWindow
HiliteMenuItem
CreatePopupMenu
CharToOemBuffA
ShowScrollBar
GetScrollRange
CheckRadioButton
SystemParametersInfoW
GetCursorPos
InSendMessageEx
GetKeyboardType
GetClassInfoExA
BeginDeferWindowPos
SetTimer
TranslateAcceleratorW
VkKeyScanW

kernel32

QueryDosDeviceW
VirtualFree
GetFileAttributesW
CreateFileMappingW
SetCommState
TerminateThread
FindResourceExW
CreateDirectoryW
lstrcpyA
OpenEventA
GetModuleHandleA
ReadFile
FindFirstFileW
IsDBCSLeadByteEx
WaitForSingleObjectEx
FreeLibrary
CopyFileW
SetErrorMode
HeapAlloc
GetCommandLineW
CancelWaitableTimer
CreateEventA
GetSystemDefaultLangID
CreateEventW
IsBadStringPtrW
EnterCriticalSection
SetEvent
GetVersionExW
LockResource
MoveFileExW
UnhandledExceptionFilter
VerSetConditionMask
OpenFileMappingA
FindFirstFileA
CreateThread
DeleteFileW
SetLastError
GetShortPathNameA
AddAtomA
GlobalAddAtomW
LocalSize
GetCompressedFileSizeW
CreateSemaphoreW
GetBinaryTypeW
ResumeThread
GetAtomNameW
LoadLibraryA
VirtualQuery
GlobalHandle
SetFileTime
IsBadReadPtr
SetFilePointer
GetCommModemStatus
CreateFileA
LoadLibraryExW

Exports

Exports

?ExtractOptions@@YGK_KHE[D

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.div
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f61760cda856cb2d574dab1aaa2aa6fc

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.idata Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 246B

.div Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 187KB

.rsrc Size: 167KB - Virtual size: 166KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.idata
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 246B

.div
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 187KB

.rsrc
Size: 167KB - Virtual size: 166KB

.reloc
Size: 1KB - Virtual size: 1KB