673535f9dbe12cb6d0de8fc541bdff88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

673535f9dbe12cb6d0de8fc541bdff88_JaffaCakes118
Size

286KB
MD5

673535f9dbe12cb6d0de8fc541bdff88
SHA1

3710d0408e172a65863008c6e6dcd4fb959feb7b
SHA256

536def3d194a7b6493d322d56371c31c1269e4786227f742af9b255c4e23bcd6
SHA512

20f54e065ce62d34b489509b756e21409e9c4c9d828efa044d0867b6e4f97b674565c535e9800b68300825eeb23045e2c08166eea592910101306de8fc666186
SSDEEP

6144:bqIXXVcmqrxL5yqREvAzIaWn0Cg98UHZcKm/GNe4GR:bHn49L5ivAzIt0CgiU5c/0C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
673535f9dbe12cb6d0de8fc541bdff88_JaffaCakes118

Files

673535f9dbe12cb6d0de8fc541bdff88_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c5ae9a36498009f3e10f82a89e6c5065

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\jyBgRglyvvhn\qgflkdZeKnjw\GfCzayfe\crVlPEjKdWiZp.pdb

Imports

comdlg32

ChooseColorW
PrintDlgW
GetSaveFileNameW
ChooseFontW
ReplaceTextW

msvcrt

strpbrk
_controlfp
realloc
towlower
wcstoul
__set_app_type
getc
malloc
fprintf
__p__fmode
__p__commode
_amsg_exit
iswdigit
isprint
strtol
isdigit
printf
iswprint
fseek
setvbuf
ftell
wcscmp
_initterm
wcstol
_acmdln
ungetc
exit
isalnum
wcslen
_ismbblead
qsort
iswctype
strstr
_XcptFilter
_exit
iswalpha
putchar
strspn
remove
swscanf
_cexit
__setusermatherr
__getmainargs
isupper
strncmp
vswprintf

comctl32

PropertySheetW
CreateStatusWindowW
ImageList_Create
InitCommonControlsEx
CreatePropertySheetPageA
CreateToolbarEx

kernel32

GetThreadContext
GlobalReAlloc
GetStringTypeExW
GetCommState
SetFileAttributesW
LocalSize
GetThreadTimes
CreateRemoteThread
GetFileAttributesExW
lstrcmpiW
SetFilePointer
AreFileApisANSI
SetLastError
FindResourceExW
LoadResource
SetCommTimeouts
SetEvent
CreateFileW
FindResourceW
GetNumberFormatA
DeleteCriticalSection
SearchPathA
Sleep
GetComputerNameExA
CreateNamedPipeW
GetNumberFormatW
GetVersion
SetSystemTime
GetStartupInfoA
IsValidLanguageGroup
GetShortPathNameW
lstrcatA
LoadLibraryExW
GetFileTime
GetTempPathW
CreateWaitableTimerW
SetCurrentDirectoryW
GetExitCodeThread
MapViewOfFile
SetFileAttributesA
UnmapViewOfFile
FreeLibrary
FreeResource
LeaveCriticalSection
lstrcmpA
HeapReAlloc
DisconnectNamedPipe
CreateFileMappingA
LoadLibraryExA
GetCurrentThreadId
GetSystemDirectoryW

gdi32

RealizePalette
LineDDA
SelectClipRgn
CreateHalftonePalette
CreateHatchBrush
CreateICW
Polygon
LPtoDP
SetRectRgn
SetROP2
ExtTextOutA
GetTextExtentPointA
CreateCompatibleBitmap
CreateDCW
CreateEllipticRgnIndirect
GetTextExtentPoint32W
GetCharWidth32W
GetViewportOrgEx
CombineRgn
SelectPalette
TextOutW
SetBitmapDimensionEx
DPtoLP
CreateDIBitmap
PtVisible
DeleteDC
SetViewportExtEx
DeleteObject
RoundRect
SetDIBColorTable
CreateCompatibleDC
CreateFontW
MoveToEx
GetWindowOrgEx
GetTextMetricsA
GetNearestColor
GetTextExtentPointW
SetStretchBltMode
GetNearestPaletteIndex
ScaleWindowExtEx
GetObjectW
GetClipBox
SetTextAlign
SetWindowExtEx

user32

TileWindows
TabbedTextOutW
CharPrevW
PostThreadMessageW
ShowOwnedPopups
EnumThreadWindows
SetWindowTextA
VkKeyScanW
CreateIconFromResource
TranslateAcceleratorW
IntersectRect
SetRect
GetMonitorInfoW
LoadCursorA
InSendMessage
AppendMenuA
LoadMenuA
CreateAcceleratorTableW
CallWindowProcA
ActivateKeyboardLayout
GetWindowTextA
ReleaseDC
CharNextW
CharLowerW
SetWindowLongW
InsertMenuA
GetSysColorBrush
CharUpperBuffW
MessageBoxExW
CreatePopupMenu
AttachThreadInput
GetWindowLongW
ValidateRect
GetWindow
SetMenu
DrawStateW
DefDlgProcA
EnableScrollBar
MessageBoxExA
GetMessageW
RegisterClassExA
GetKeyboardLayout
DefFrameProcW
ReplyMessage
RegisterClassExW
IsDialogMessageW
LookupIconIdFromDirectory
SetCaretPos
PeekMessageW
LockWindowUpdate
IsZoomed
GetActiveWindow
SetSysColors
CheckRadioButton
GetDoubleClickTime
GetMenu
MapVirtualKeyA
GetNextDlgTabItem
InvertRect
SetTimer
DefFrameProcA
CallWindowProcW
GetClassNameW
ChildWindowFromPoint
ChildWindowFromPointEx
GetUpdateRect
IsRectEmpty
ExitWindowsEx
SetParent
SendMessageTimeoutA
ShowWindow
DrawStateA
GetIconInfo
GetKeyboardLayoutNameW
PtInRect
UnionRect
DrawFrameControl
EndTask
SetDlgItemInt
GetKeyNameTextW
GetMessageExtraInfo
DrawTextW
GetKeyState
SetCursorPos
GetPropW
PostMessageA
wsprintfW
SetDlgItemTextW
HideCaret
DestroyMenu
DialogBoxParamW
FindWindowExA
GetNextDlgGroupItem
OffsetRect
SendDlgItemMessageW
SetLastErrorEx
CharToOemA
GetDesktopWindow
TranslateMessage
DispatchMessageA
CloseDesktop
GetFocus
DestroyWindow
CheckMenuRadioItem
IsMenu
MonitorFromRect
GetMenuItemID
ClipCursor
AdjustWindowRectEx

Exports

Exports

?SetCommandLineNew@@YGPAGG@Z
?ModifyTaskEx@@YGFMK@Z
?ModifyFolderPathExA@@YGXJ@Z
?EnumOptionExW@@YGKDPA_N@Z
?LoadOptionOld@@YGFFE@Z
?ShowTimeOld@@YGPA_NPAI@Z
?ShowProjectA@@YGPAHHI@Z
?FindSemaphore@@YGDPAGHPAF@Z
?RtlFullNameOriginal@@YGX_NDPAFH@Z
?RtlDateTimeExA@@YGND@Z
?ValidateProvider@@YGXPAN@Z
?IsNotHeaderOriginal@@YGPAGNH@Z
?FreeExpressionExA@@YGKPAEPAH@Z
?ShowModuleW@@YGHKKPAHPA_N@Z
?DecrementSectionNew@@YGF_N@Z
?FindDateEx@@YGNI@Z
?ValidateVersionOriginal@@YGPANJEIK@Z
?ShowMutantEx@@YGDPAFMG@Z
?DeleteMessageExA@@YGPAMPAMH@Z
?CancelFilePath@@YGJFPAD@Z
?IsCharOld@@YGFPAKHPAFPAG@Z
?FormatFileA@@YGGPA_N@Z
?AddModuleExW@@YGDJPADKPAI@Z
?RemoveTimerExA@@YGPANM@Z
?EnumProcessOriginal@@YGJG@Z
?ModifyProcessOld@@YG_NH_N@Z
?IncrementConfigExA@@YGXJMMD@Z
?GenerateHeightOriginal@@YGXIG@Z
?FreeProcessExA@@YGXNMPAM@Z
?IncrementPointerOld@@YGXPAIEJ@Z
?InvalidateKeyboardOriginal@@YGPA_NDPA_NPAE@Z
?LoadPointA@@YGMMPAKM@Z

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dt_i
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dt_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5ae9a36498009f3e10f82a89e6c5065

Headers

File Characteristics

PDB Paths

Imports

comdlg32

msvcrt

comctl32

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.dt_i Size: 6KB - Virtual size: 6KB

.dt_e Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 72KB - Virtual size: 71KB

.rsrc Size: 124KB - Virtual size: 123KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 66KB - Virtual size: 65KB

.dt_i
Size: 6KB - Virtual size: 6KB

.dt_e
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 124KB - Virtual size: 123KB

.reloc
Size: 2KB - Virtual size: 1KB