6443a5690749ec19e26d5dbf82540b83_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6443a5690749ec19e26d5dbf82540b83_JaffaCakes118
Size

260KB
MD5

6443a5690749ec19e26d5dbf82540b83
SHA1

5c962ae250b56bc2dfa818e1142c84ba9fbd5e85
SHA256

f96fa8a6a4ce56a0cf80b8cf018e1e601bcdd519d221cd3d58040c0c0f73bcea
SHA512

14476fbf87d0c0b2642a61160c76bf01e5af885ea6761e9c138c7fc26ed7932b187739da3a67795da5ec6f3fdc483da1c1b074df6a3929b7edb0cbc919675375
SSDEEP

6144:hI2mQo1Cdh6oof2+4+SHg1dRvov0NX6AqiUA8bT4:K5jwhop4+kglusqsS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6443a5690749ec19e26d5dbf82540b83_JaffaCakes118

Files

6443a5690749ec19e26d5dbf82540b83_JaffaCakes118
.exe windows:5 windows x86 arch:x86

900e52cafd708a63a97a0710c2ab4234

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\oviiibfvTsbxn\AxSVheLBtzlpaL\blUnNxrvqnunK\HwmizggwGa\KiSuqcoakaVr.pdb

Imports

user32

DestroyCursor
GetSubMenu
CreateCaret
CharUpperBuffA
GetKeyboardLayoutList
DestroyAcceleratorTable
WindowFromPoint
TileWindows
InvalidateRgn
GetClassLongA
TranslateAcceleratorW
GetIconInfo
PostMessageA
AppendMenuA
PostMessageW
IsWindowVisible
CopyRect
DefFrameProcW
GetAsyncKeyState
SetRectEmpty
IsCharUpperA
UnionRect
InsertMenuA
SetForegroundWindow
DestroyMenu
LoadCursorA
GetClassInfoExA
SetWindowRgn
DialogBoxIndirectParamA
SetDlgItemTextA
GetDlgItem
DrawIconEx
GetMessageTime
ReplyMessage
GetSysColorBrush
DialogBoxIndirectParamW
IsCharAlphaW
SetWindowLongW
SetScrollPos
GetWindowDC
GetKeyboardType
RemoveMenu
IsCharLowerA
SystemParametersInfoW
TabbedTextOutW
LoadIconW
GrayStringW
IsDlgButtonChecked
IsWindowUnicode
IsWindow
ScreenToClient
FindWindowExA
TranslateMessage
RegisterClassW
SendDlgItemMessageW
mouse_event
SetLastErrorEx
GetSysColor
HideCaret
RegisterHotKey
CheckMenuRadioItem
LookupIconIdFromDirectory
GetClassInfoW
MoveWindow
CreateWindowExA
OpenInputDesktop
GetAltTabInfoA
SetMenuDefaultItem
LoadImageA
OemToCharBuffA
ShowWindow
GetWindowTextA
LoadImageW
EnableMenuItem
IsIconic
GetMessageA
CheckMenuItem
DrawStateW
PostThreadMessageA
LoadAcceleratorsW
SetCursorPos
CreateMenu
ScrollWindow
LoadAcceleratorsA
BeginPaint
GetMessageExtraInfo
SetFocus
MessageBoxExW
InvertRect
HiliteMenuItem
SetParent
GetMenuItemCount
FrameRect
GetLastActivePopup
SetClassLongW
SetMenuItemBitmaps
GetKeyboardLayout
MapVirtualKeyW
DeferWindowPos
ModifyMenuW
FindWindowExW
GetMenuItemID
SetCaretPos
IsChild
DefWindowProcA
SetRect
PeekMessageA
SetSysColors
MapVirtualKeyA
EndDialog
GetForegroundWindow
ClipCursor
SendMessageA
PostThreadMessageW
ChangeMenuW
CreateDialogParamW
GetUserObjectInformationA
GetFocus
SystemParametersInfoA
GetDC
AllowSetForegroundWindow
LoadBitmapW

shlwapi

StrToIntA

comdlg32

FindTextW
PrintDlgExW
GetFileTitleW
ReplaceTextW

kernel32

GetComputerNameExW
GetOverlappedResult
GetDateFormatA
SetFilePointer
GetCommModemStatus
ReleaseSemaphore
GetLocaleInfoA
GetLastError
GlobalReAlloc
GetProcessHeap
GetTimeFormatA
SystemTimeToFileTime
GlobalUnlock
GetCurrentThreadId
CreateMutexA
DefineDosDeviceW
SizeofResource
SetSystemTimeAdjustment
GetFullPathNameA
GlobalGetAtomNameW
GetTempPathA
lstrcpyW
DeleteAtom
FreeLibrary
TerminateThread
IsValidLanguageGroup
GetSystemDirectoryA
EnumResourceTypesA
GetCommTimeouts
FileTimeToDosDateTime
DeviceIoControl
LCMapStringA
FindCloseChangeNotification
GetSystemWindowsDirectoryA
GetThreadLocale
SetThreadContext
GetExitCodeThread
lstrcmpW
GetModuleFileNameA
VirtualProtect
FormatMessageA
SetThreadAffinityMask
RegisterWaitForSingleObject
GetModuleHandleW
GetSystemWindowsDirectoryW
GetFileAttributesA
DuplicateHandle
CreateSemaphoreA
GetVersion
LocalLock
CreateFileA
HeapAlloc
LoadLibraryA
HeapFree
GetTickCount
lstrcpynW

msvcrt

sscanf
fputs
wcscpy
wcstoul
swscanf
fread
wcscat
mbstowcs
isalnum
printf
_controlfp
strpbrk
wcscmp
iswxdigit
fflush
strrchr
__set_app_type
__p__fmode
iswalpha
getenv
isprint
isxdigit
qsort
fclose
wcstok
strerror
__p__commode
strncmp
_amsg_exit
time
memset
_initterm
strcpy
towupper
wcsstr
localtime
_ismbblead
strtoul
gets
_XcptFilter
_exit
calloc
_cexit
strstr
__setusermatherr
__getmainargs
setvbuf
fgets

Exports

Exports

?SetDrawMaterialOOpsw@@YGK_KHE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

900e52cafd708a63a97a0710c2ab4234

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

comdlg32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 21KB - Virtual size: 201KB

.rsrc Size: 228KB - Virtual size: 227KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 21KB - Virtual size: 201KB

.rsrc
Size: 228KB - Virtual size: 227KB

.reloc
Size: 1KB - Virtual size: 1KB