633ce8f47fb87a8cf01775cf3c837ab2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

633ce8f47fb87a8cf01775cf3c837ab2_JaffaCakes118
Size

190KB
MD5

633ce8f47fb87a8cf01775cf3c837ab2
SHA1

d315d9a474b175ab19fb7365f0cb10d16ef35a15
SHA256

9d2a113c51d0150e7d13e96a70c66cab0f7c2c7ed6fbb1fa71a85f2907cac71f
SHA512

2f4aca176695e357bf6d81881e62ec90d35d2939c9c38fe6167af3650be63260de248d89c7abfb4f9ef69bcd4a863cfefe65b1c0cfa2695039ee6d83594fa235
SSDEEP

3072:EuhrYhwevAyi7KN/3yEmpuiddXLxBFQkfO7ncQA10Zbp9:VchweYyi7Kp3yEMuijLxPmncQA2ZbH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
633ce8f47fb87a8cf01775cf3c837ab2_JaffaCakes118

Files

633ce8f47fb87a8cf01775cf3c837ab2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0790b38a23b704da1f4b91a73ffc1c0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\fvqlrbsQtz\PgaZjfvbqZL\vidczDjnuW\DhTxmaAhRyqqg\vgpPAure.pdb

Imports

msvcrt

strtoul
wcstol
_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
wcscoll
_initterm
_acmdln
gets
swscanf
exit
towlower
_ismbblead
malloc
towupper
_XcptFilter
atoi
_exit
_cexit
tolower
__setusermatherr
__getmainargs
time
bsearch
wcspbrk

kernel32

EnumResourceNamesA
LocalReAlloc
WaitCommEvent
SetEndOfFile
FoldStringW
LoadLibraryW
QueryPerformanceCounter
GetCurrentDirectoryW
GetCommModemStatus
RegisterWaitForSingleObject
GetCurrentThreadId
CreateFileMappingA
ExitThread
GetModuleHandleA
LCMapStringA
ConvertDefaultLocale
CreateMutexA
GetTickCount
CreateFileW
SetThreadAffinityMask
GetSystemDefaultUILanguage

gdi32

LineDDA
RectInRegion
SetStretchBltMode
CreateRectRgnIndirect
GetNearestPaletteIndex
SetBrushOrgEx
SetViewportExtEx
GetSystemPaletteUse
CreateHatchBrush
AddFontResourceW
RestoreDC
SetBitmapDimensionEx
CreateDIBitmap
GetViewportOrgEx
RectVisible
CreatePolygonRgn
StretchDIBits
CreatePalette
GetDIBits

comdlg32

GetFileTitleW
GetOpenFileNameW
ReplaceTextW

shlwapi

StrCatBuffW

user32

IsCharLowerA
CreateDialogParamA
DestroyMenu
ModifyMenuW
CharLowerBuffW
GetWindow
GetClipCursor
CreateIconFromResource
GetClassNameW
CheckRadioButton
DispatchMessageW
GetWindowTextA
GetKeyState
SetWindowRgn
DestroyAcceleratorTable
TabbedTextOutW
TrackPopupMenu
SetCursorPos
KillTimer
IsZoomed
SetSysColors
LoadBitmapW
wsprintfW
LoadBitmapA
SendDlgItemMessageA
DrawEdge
GetKeyboardLayout
GetMessageW
CreateIconIndirect
SetWindowLongW
GetWindowLongA
CopyAcceleratorTableW
SetWindowPlacement
BeginDeferWindowPos
DrawFocusRect
PostThreadMessageW
InflateRect
LookupIconIdFromDirectory
CreatePopupMenu
GetDCEx
SystemParametersInfoW
IsCharAlphaNumericA
MapVirtualKeyW
GetClassInfoA
TileWindows
IsChild

Exports

Exports

?LoadAnchorExA@@YGFJ~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?FreeObjectNew@@YGXKPADGE~U
?DeleteTimeW@@YGPAKEPAKPAIG~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kip
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 512B - Virtual size: 403B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0790b38a23b704da1f4b91a73ffc1c0f

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

comdlg32

shlwapi

user32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.ticx Size: 3KB - Virtual size: 2KB

.kip Size: 1024B - Virtual size: 524B

.ticy Size: 512B - Virtual size: 403B

.zdata Size: 512B - Virtual size: 212B

.data Size: 2KB - Virtual size: 2KB

.heap Size: - Virtual size: 75KB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.ticx
Size: 3KB - Virtual size: 2KB

.kip
Size: 1024B - Virtual size: 524B

.ticy
Size: 512B - Virtual size: 403B

.zdata
Size: 512B - Virtual size: 212B

.data
Size: 2KB - Virtual size: 2KB

.heap
Size: - Virtual size: 75KB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 1KB - Virtual size: 1KB