63fe01015f4ceb19c9b64ad0bccc723b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

63fe01015f4ceb19c9b64ad0bccc723b_JaffaCakes118
Size

214KB
MD5

63fe01015f4ceb19c9b64ad0bccc723b
SHA1

cc2a9fb065871024e41c20dca051f3e416677c89
SHA256

a190817db0b96037545737db585c08bac0d1190fec83a454c23a85fad2e7df33
SHA512

5ec98e2215d88552af88ae5b0feaf8a0e390080e3150cfb20ce439fb0064f8ef2fe9c0b963de0e9cc6bc93f0cbdd4dc6950138e878005b8901c07a35438c40b5
SSDEEP

6144:hr8BPOXg3B5eDyV9/ZxoqiLB2wS4hcu8Fq:hr8PKgx5rV9/ZmLBy4IFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63fe01015f4ceb19c9b64ad0bccc723b_JaffaCakes118

Files

63fe01015f4ceb19c9b64ad0bccc723b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5f2a61258ccf5058a12d6495c0ba50aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\jewQvkJoqsz\FulbGofIhypp\fvjixZbSd\JHPeVepH.pdb

Imports

msvcrt

malloc
strrchr
putc
_controlfp
wcstol
wcscpy
fwrite
isspace
wcstod
iswspace
towlower
realloc
wcsstr
getc
vswprintf
__set_app_type
remove
__p__fmode
iswdigit
__p__commode
_amsg_exit
isalnum
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
wcscoll
_exit
toupper
tolower
wcsrchr
_cexit
fclose
iswalpha
wcscat
__setusermatherr
__getmainargs
sscanf
setvbuf

user32

GetClassLongW
DispatchMessageW
CreateWindowExA
IsDialogMessageW
LoadMenuA
GetCaretPos
OpenDesktopW
ScrollWindowEx
LoadStringA
LookupIconIdFromDirectory
DestroyIcon
SetWindowPos
ScrollWindow
DrawAnimatedRects
PtInRect
GetDCEx
MapVirtualKeyA
DrawFocusRect
SetCursorPos
ReplyMessage
UpdateWindow
GetClassInfoW
CharToOemW
LoadImageA
TrackPopupMenuEx
OemToCharA
GetDC
CharPrevA
IsDialogMessageA
GetUpdateRect
SetLastErrorEx
GetWindowRect
VkKeyScanW
SwitchToThisWindow
OffsetRect
IsIconic
MonitorFromPoint
AdjustWindowRectEx
DrawEdge
TranslateAcceleratorA
wvsprintfA
CreateMenu
InvalidateRect
SetMenuItemBitmaps
PostThreadMessageW
DialogBoxParamA
CopyRect
IsWindow
CreateDialogIndirectParamW
SetPropW
SetRect
LoadBitmapW
HiliteMenuItem
UnionRect
RegisterClassExW
ActivateKeyboardLayout
DialogBoxParamW
SetMenuItemInfoW
PostMessageA
GetDlgItemTextA
GetScrollInfo
RedrawWindow
GetShellWindow
DialogBoxIndirectParamA
CopyAcceleratorTableW
CharPrevW
LockWindowUpdate
InvertRect
CreateAcceleratorTableW
BeginDeferWindowPos
GetKeyState
GetSysColorBrush
ChildWindowFromPointEx
SetWindowTextA
GetMessageExtraInfo
GetDoubleClickTime
CharUpperBuffW
SystemParametersInfoW
IsCharAlphaW
GetUserObjectInformationA
SetMenu
DefDlgProcW
TabbedTextOutW
GetKeyNameTextW
DialogBoxIndirectParamW
OpenInputDesktop
SetWindowLongA
CharLowerA
GetForegroundWindow
SetUserObjectInformationW

kernel32

GetCommState
HeapWalk
GetAtomNameW
DefineDosDeviceW
SetLastError
GlobalGetAtomNameA
EscapeCommFunction
BuildCommDCBAndTimeoutsW
GetTempFileNameW
GlobalFree
SetThreadPriority
SetTimerQueueTimer
FreeResource
FileTimeToDosDateTime
SetFileAttributesA
lstrcpyA
EnumResourceTypesA
Sleep
GetStdHandle
WriteFile
CreateMutexW
FindResourceA
GetStartupInfoW
SetMailslotInfo
FindNextFileA
SearchPathA
MoveFileExA
lstrcpyW
GetAtomNameA
GetTempFileNameA
FindFirstFileW
GlobalGetAtomNameW
GetLocaleInfoA
HeapValidate
CreateEventW
CreateFileA
ReleaseSemaphore
FoldStringW
lstrcmpW
GetCompressedFileSizeW
GetNumberFormatW

gdi32

GetNearestColor
CreateDCW
CreateFontA
CreateFontIndirectW
SetWindowOrgEx
GetDIBits
CreateICW
SetBrushOrgEx
GetDeviceCaps
SelectPalette
CombineRgn
GetBitmapBits
CreateHalftonePalette
SetTextAlign
GetTextFaceW
CreateRectRgn
GetWindowOrgEx
UnrealizeObject
SelectClipRgn
CreateBitmapIndirect
RectInRegion
ExtFloodFill
Polygon
GetTextExtentPoint32A
SetLayout
MoveToEx
CreateBitmap
SetDIBColorTable
SetPixel
DPtoLP
EnumFontFamiliesW
GetPaletteEntries
SetAbortProc
SetWindowExtEx
StretchDIBits
GetClipBox
PathToRegion

comdlg32

ReplaceTextW
PrintDlgW
CommDlgExtendedError

Exports

Exports

?WaitForSingleObjectHJDJHhjd@@YGKEPA_WG@Z
?WaitForSingleObjectIUDudh@@YGKEPA_WG@Z
?WaitForSingleObjectYDEyuhgDU6d@@YGKEPA_WG@Z
?WaitForSingleObjectYUSYDyu@@YGKEPA_WG@Z

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f2a61258ccf5058a12d6495c0ba50aa

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 14KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 64KB

.rsrc Size: 110KB - Virtual size: 110KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 14KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 64KB

.rsrc
Size: 110KB - Virtual size: 110KB

.reloc
Size: 2KB - Virtual size: 1KB