622fe6c24b92289ac2f0c349d597a628_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

622fe6c24b92289ac2f0c349d597a628_JaffaCakes118
Size

216KB
MD5

622fe6c24b92289ac2f0c349d597a628
SHA1

2e929b2867735fab42bfbd74a044c4e036a83c0f
SHA256

741cef5312a2b29577b92a48643ee564b5a4675811d57ceb492598285e108037
SHA512

d73477009b976a128b41aabc8a77a4ccc41a63294311bc0f6da7456830062f77106b0c33b63ef4eb3060b15e6af2008e26bb420bd1cec48235623768ab9d0183
SSDEEP

3072:v9UXFduT6v7RBqjhWWL7MWjfsZau6SSJNC6qVjvTGp1/zjlhCE1S4+:v21duT6v7R8jj7Rs3uxq1GJY4/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
622fe6c24b92289ac2f0c349d597a628_JaffaCakes118

Files

622fe6c24b92289ac2f0c349d597a628_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e215e84552580ed90c914a9f5bff803b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\uisoozuy\oZfLbvBxep\whRbyHFHPon\nhFArVf\htiwxzcso.pdb

Imports

comctl32

DestroyPropertySheetPage
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Read
PropertySheetW

gdi32

ExtFloodFill
SetROP2
RealizePalette
EnumFontFamiliesW
LineDDA
GetClipBox
CreatePolygonRgn
SetMapMode
SaveDC
GetTextAlign
EndPage
SetPixel
CreateFontA
WidenPath
SetRectRgn
DPtoLP
GetCharWidth32W
EnumFontFamiliesExW
ScaleWindowExtEx
GetTextFaceW
PolyBezier
BitBlt
LineTo
SetLayout
SetWindowOrgEx
CreateRoundRectRgn
StartPage
CreateICW
ScaleViewportExtEx
CreateBitmap
CreateRectRgn
PtInRegion
OffsetViewportOrgEx
Ellipse
SetBrushOrgEx

msvcrt

fseek
_controlfp
fputs
__set_app_type
wcslen
sscanf
atoi
gets
__p__fmode
vswprintf
__p__commode
qsort
_amsg_exit
_initterm
setvbuf
fgetc
_acmdln
wcscspn
atol
wcsrchr
calloc
toupper
puts
putc
printf
exit
_ismbblead
_XcptFilter
_exit
strtol
wcscmp
strcpy
fwrite
_cexit
wcstod
__setusermatherr
swprintf
iswprint
__getmainargs

user32

SetUserObjectInformationW
PostThreadMessageW
mouse_event
DispatchMessageW
CreateAcceleratorTableW
FillRect
GetLastActivePopup
EnumChildWindows
GetClassLongW
GetWindowTextLengthW
GetUserObjectInformationW
RemoveMenu
CharUpperW
CloseDesktop
OemToCharA
AppendMenuW
OpenIcon
SetWindowRgn
RemovePropW
HiliteMenuItem
CharUpperBuffW
GetClassInfoExW
TrackPopupMenuEx
GetClassLongA
LoadMenuW
ChangeMenuW
ShowOwnedPopups
SendInput
GetKeyboardLayoutList
SetPropW
MessageBoxA
ValidateRect
GetDoubleClickTime
GetForegroundWindow
GetNextDlgTabItem
LoadStringW
GetIconInfo
CheckMenuRadioItem
EnableWindow
wvsprintfA
SetFocus
SystemParametersInfoA
DefFrameProcA
GetSysColorBrush
GetScrollRange
InsertMenuW
ActivateKeyboardLayout
MonitorFromPoint
CharUpperA
GetUpdateRgn
GetScrollInfo
ArrangeIconicWindows
FindWindowW
LoadIconW
OffsetRect
SetSysColors
PostMessageW
ClipCursor
GetWindowLongW
DestroyWindow
IsDialogMessageA
WaitMessage
IsRectEmpty
CascadeWindows
GetWindow
InsertMenuA
GetTopWindow
EndTask
ShowCursor
GetUserObjectInformationA
SetLastErrorEx
GetMessageA
MessageBoxExW
SetDlgItemTextA
HideCaret
IntersectRect
LoadStringA
GetDlgCtrlID
DestroyCaret
CharLowerBuffW
ShowScrollBar
PeekMessageW
DrawIconEx
GetFocus
GetWindowRect

kernel32

VirtualFree
FileTimeToSystemTime
IsBadStringPtrW
WaitForSingleObject
GetFileTime
SetHandleCount
GetVersionExA
CreateThread
GetCommProperties
FileTimeToLocalFileTime
GetLocalTime
GetComputerNameExW
GetWindowsDirectoryA
EnumResourceTypesA
GetShortPathNameA
SetEvent
HeapReAlloc
CreateFileA
UnmapViewOfFile
IsDBCSLeadByte
MultiByteToWideChar
CreateSemaphoreA
FindClose
GetThreadLocale
GetCPInfo
GlobalGetAtomNameA
GetSystemDefaultUILanguage
LCMapStringA
FindResourceW
GlobalUnlock
SetSystemTimeAdjustment
IsDBCSLeadByteEx
GetFileAttributesA
ConvertDefaultLocale
CreateDirectoryA
SetCommMask
WaitForMultipleObjects
CreateEventW
GetSystemTimeAsFileTime
GetBinaryTypeW

Exports

Exports

?ModifyFileExW@@YGPAMPAJEKH&U
?GenerateThreadEx@@YGMMN&U
?CancelClassExA@@YGHPAMIF&U
?GenerateFileOriginal@@YGXPAMID&U
?IsAppName@@YGJM&U
?RtlHeight@@YGHPAHG&U
?PutFilePathOriginal@@YGXHPAHED&U
?AddCommandLineEx@@YGGHDNK&U
?InvalidateListItemExW@@YGJNMDPAK&U
?FindModuleA@@YGXPAJ&U
?FindExpressionExW@@YGPAHPADF&U
?LoadTaskExA@@YGDHFE&U
?PutExpressionOld@@YGPAG_NGH&U
?FindKeyNameNew@@YGHMGH&U
?SetTextExA@@YGPAEM&U
?ModifyTimerNew@@YGHEE&U
?AddDialogOriginal@@YGDMIPAI&U
?CopyProjectOriginal@@YGME&U
?RtlConfigOriginal@@YGEPAME&U
?EnumProvider@@YGJN_N&U
?CopyDateOriginal@@YGPAXIPAN&U
?ValidateWindowInfoOriginal@@YGPAJPAJPAEPAHH&U
?CancelPointEx@@YGJPAJGGPAG&U
?OnMediaType@@YGDPAI&U
?OnMutantOld@@YGDPAN&U
?EnumSectionExW@@YGPAKJG_NM&U
?RtlFileOriginal@@YGHK_NPAKPAI&U
?SetMutexNew@@YGGKPAK&U
?EnumScreenNew@@YGJH&U
?SetNameA@@YGPAXPAIFPADPAN&U
?FormatAppName@@YGNPAII&U
?SendProviderOld@@YGPAMPAMGK&U
?MediaTypeOriginal@@YGPAHEPAID&U
?CopyProjectA@@YGPAE_ND&U
?RemoveKeyNameOriginal@@YGPADPAMPADN&U
?DecrementMessageExA@@YGJPAN&U

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e215e84552580ed90c914a9f5bff803b

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 80KB

.imdat Size: 1024B - Virtual size: 836B

.edata Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 61KB

.rsrc Size: 111KB - Virtual size: 111KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 81KB - Virtual size: 80KB

.imdat
Size: 1024B - Virtual size: 836B

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 61KB

.rsrc
Size: 111KB - Virtual size: 111KB

.reloc
Size: 2KB - Virtual size: 1KB