6952042b40e02f3c13fe767f8d8eec2c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6952042b40e02f3c13fe767f8d8eec2c_JaffaCakes118
Size

52KB
MD5

6952042b40e02f3c13fe767f8d8eec2c
SHA1

c37095a9b04806a244aab64e95675e24c334891e
SHA256

8442d549b0722562fd5c078d48f064a17ae304215f1a0c94c639e1b52c551c46
SHA512

df61d42feb568694d51393f74458ae2479b127aae7e208b0ccb30b1650f488c401f212d93b63bfa7dd9a51cc2bd1c2a41612159f778fb914dec5cf0f181d95ae
SSDEEP

768:eACer6/Pj9VLMjnLZUU7MjSxeTd7kK0yazAzK2qVn3rGYgpOKtoS7sQ+Nnu:e5VLMjn6U7Dm5B3qcYyoSX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6952042b40e02f3c13fe767f8d8eec2c_JaffaCakes118

Files

6952042b40e02f3c13fe767f8d8eec2c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f72b6839b1fbdcc675b3c5f5c18dbb79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\ftktRJmqpMmkV\qmgEzqBNi\jwSlrigDsXLvXa.pdb

Imports

comdlg32

GetOpenFileNameW
ChooseFontW
PrintDlgW
ChooseColorW
GetSaveFileNameA
GetSaveFileNameW

kernel32

GetComputerNameExA
lstrcmpiW
LockFile
SetSystemTime
UnlockFile
GlobalMemoryStatusEx
CreateEventW
FindFirstChangeNotificationW
GetLocaleInfoW
RemoveDirectoryA
GetProcessHeap
EscapeCommFunction
SearchPathA
GetSystemWindowsDirectoryW
VirtualAlloc
LoadLibraryA
AreFileApisANSI
WinExec
CallNamedPipeW
GetModuleHandleW
HeapAlloc
LocalReAlloc
SetFileAttributesW
GetFileType
LoadLibraryExA
HeapFree
GlobalSize
GetModuleFileNameW
DeleteFileA
OpenEventW
GetBinaryTypeA
GetSystemDirectoryA
PulseEvent
CompareFileTime
LeaveCriticalSection
GetStartupInfoA
FlushFileBuffers
CreateThread
GetStringTypeExW
UnmapViewOfFile
GlobalGetAtomNameA
ClearCommError
TlsFree
SetCommBreak
GetModuleFileNameA
ReadFile
GetFileAttributesExA
GlobalAddAtomA
GetComputerNameW
VirtualProtect
LoadLibraryW
GetShortPathNameA
CreateWaitableTimerW
WaitForSingleObjectEx
SetEndOfFile
GetWindowsDirectoryA
FormatMessageW
FindCloseChangeNotification

msvcrt

perror
strtoul
_controlfp
getenv
__set_app_type
__p__fmode
bsearch
system
wcscat
printf
malloc
isalpha
swprintf
strncmp
__p__commode
strtol
_amsg_exit
iswprint
_initterm
_ismbblead
strrchr
towupper
fwrite
ungetc
sprintf
wcsncpy
_XcptFilter
wcstoul
iswdigit
gets
_exit
putchar
fputs
_cexit
strncpy
wcstok
vswprintf
wcscmp
wcscspn
fread
__setusermatherr
gmtime
putc
__getmainargs
realloc
floor
towlower

user32

DestroyIcon
CharLowerBuffW
GetUpdateRect
LookupIconIdFromDirectory
CheckMenuRadioItem
GetAltTabInfoA
TranslateMessage
EnableWindow
DialogBoxIndirectParamW
CharToOemW
IsChild
CharToOemBuffA
IsCharAlphaW
GetMenuState
CallWindowProcA
CharNextExA
GetWindow
wsprintfA
CopyImage
LoadMenuW
ScreenToClient
GetClassInfoA
IsZoomed
ScrollWindow
InvalidateRgn
UnionRect
InternalGetWindowText
PostQuitMessage
TileWindows
DrawTextExW
SetDlgItemTextW
ModifyMenuW
CharLowerW
LoadCursorW
ShowWindowAsync
IsDialogMessageA
IsMenu
FillRect
PostMessageA
SendMessageTimeoutW
LoadAcceleratorsW
GetKeyboardType
GetWindowTextA
GetParent
SendMessageW
CreateAcceleratorTableW
GetClientRect
IsCharAlphaNumericW
RemoveMenu
DrawFocusRect
GetMenuItemRect
GetDlgItemInt
IsWindowEnabled
SwitchToThisWindow
ActivateKeyboardLayout
SendDlgItemMessageA
MessageBoxA
HiliteMenuItem
IntersectRect
EqualRect
InSendMessage
AppendMenuW
IsDlgButtonChecked
CharUpperBuffW
RegisterClassExA
IsWindowUnicode
EnumWindows
GetPropW
DispatchMessageW
GetSystemMenu
LoadBitmapA
CloseDesktop
SetParent
RegisterWindowMessageA
GetScrollPos
GetAsyncKeyState
SendNotifyMessageW
RegisterClassW
DefWindowProcW
SetMenu
LoadCursorA
InvalidateRect
SystemParametersInfoW
InSendMessageEx
LockWindowUpdate
RemovePropW
ValidateRect
AttachThreadInput
CopyRect
KillTimer
SetTimer
SetRect
GetForegroundWindow
HideCaret
GetMessageW
PostMessageW
DrawStateW
CheckRadioButton
DialogBoxParamW
UnloadKeyboardLayout
GetMessagePos
WindowFromPoint
GetDoubleClickTime
DialogBoxIndirectParamA
GetDlgItemTextW
SetWindowPos
EnableScrollBar
BeginPaint
GetMenu
ChangeMenuW
OffsetRect
GetUpdateRgn
MonitorFromPoint
SystemParametersInfoA
GetIconInfo
MessageBoxExW
GetKeyboardLayoutList
DestroyCursor
GetKeyboardLayoutNameW
GetMessageTime
DialogBoxParamA

Exports

Exports

?TestAccountSecDUoiJDK@@YGKGE[D

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f72b6839b1fbdcc675b3c5f5c18dbb79

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 1KB - Virtual size: 1KB