6749fa84313ad293b64e15a201964cfd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6749fa84313ad293b64e15a201964cfd_JaffaCakes118
Size

217KB
MD5

6749fa84313ad293b64e15a201964cfd
SHA1

7187290b2cd6c725458cc32c3f9fa2925ff5ce14
SHA256

da943865f12b33fdc84c8cf892f31580ad17c736bfb3f905b31784bbda2814e1
SHA512

82b5eed7318d20af59a4ae1fdd40c66643ca457d39d81fcee35772f51815ff939a4500745e6f150f013bf2f0e540f2a509348ea3e61bc8218e7e47e48ac4c92d
SSDEEP

6144:imMbcHnwCnZYekYX23ogRv8VKKOkD4AgETJ2pQ1tOJ:iLiYR3ogRvAtOk8AzK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6749fa84313ad293b64e15a201964cfd_JaffaCakes118

Files

6749fa84313ad293b64e15a201964cfd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3abb9821d07568c1526c2fdac530d3d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\psHjazcAxpdjok\ciXuybBvZKVl\nHxtHpYxFe.pdb

Imports

shlwapi

ord29
StrToIntExA

gdi32

SelectObject
SetPaletteEntries
SetROP2
SaveDC
CreateRectRgnIndirect
SetWindowOrgEx
GetCurrentObject
AddFontResourceW
RectVisible
GetBkMode
StretchBlt
CreateRectRgn
GetPixel
CreateDIBSection
RectInRegion
GetTextExtentPointW
CreatePalette
SetBkColor

kernel32

GetTempFileNameA
CreateDirectoryW
SetFileAttributesA
GetPriorityClass
lstrcpyW
GlobalCompact
GetWindowsDirectoryA
DeleteFileA
LockFile
GlobalAlloc
RemoveDirectoryW
GetFileSize
GetTickCount
CreateMailslotW
FormatMessageA
SearchPathA
GetModuleHandleA
WaitForSingleObjectEx
SetThreadContext
DeviceIoControl
LoadLibraryW
WaitCommEvent

user32

CharNextW
SetRect
SendMessageA
RedrawWindow
SystemParametersInfoA
MapWindowPoints
DeleteMenu
GetUserObjectInformationA
CopyAcceleratorTableW
GetSubMenu
SetCursorPos
IsCharUpperA
IsCharAlphaNumericW
GetWindowDC
OpenInputDesktop
IsChild
CharUpperBuffA
wsprintfA
wvsprintfW
GetMessagePos
HideCaret
DrawMenuBar
CharLowerA
SystemParametersInfoW
DestroyCaret
SwitchToThisWindow
GetMessageTime
CharPrevW
DialogBoxIndirectParamW
LockWindowUpdate
RegisterWindowMessageW
DrawFocusRect
GetDlgItemTextW
DrawTextW
MonitorFromRect
SetWindowPlacement
GetWindowRect
CreateIconIndirect
ReplyMessage
InsertMenuA
UnionRect
SetActiveWindow
SetTimer
GetKeyboardType
IsCharAlphaW

msvcrt

_controlfp
wcscat
gets
sprintf
ungetc
isxdigit
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
strspn
_acmdln
exit
srand
strcspn
_ismbblead
_XcptFilter
wcstol
_exit
iswprint
perror
_cexit
puts
bsearch
__setusermatherr
__getmainargs

Exports

Exports

?PutPointA@@YGEFPAHD~U
?IncrementTimeExW@@YGDI~U
?IsPathOriginal@@YGEMPAGF~U
?DumpDigitalDataCBhJEB@@YGKGHE@Z
?OnConfigW@@YGDPAKKPAHM~U
?SetStringNew@@YGDH_NPAH_N~U
?CallModuleOriginal@@YGPAJPAHIPAH~U
?SendTimeW@@YGPAGIPAGPAE~U
?InstallObject@@YGPADKKH~U
?CrtKeyboardOriginal@@YGXHII~U
?CallSectionA@@YGFNPAKK~U
?ModifyExpressionEx@@YGFPAGNJF~U
?LoadSystemExA@@YGPAMDKPANI~U
?KillWidthExW@@YGPAGE_N~U
?RemoveStateOriginal@@YGPANPAH~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tidat
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tedat
Size: 1024B - Virtual size: 895B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.alloc
Size: - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3abb9821d07568c1526c2fdac530d3d3

Headers

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.init Size: 512B - Virtual size: 508B

.tidat Size: 2KB - Virtual size: 2KB

.tedat Size: 1024B - Virtual size: 895B

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.alloc Size: - Virtual size: 187KB

.rsrc Size: 186KB - Virtual size: 185KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.init
Size: 512B - Virtual size: 508B

.tidat
Size: 2KB - Virtual size: 2KB

.tedat
Size: 1024B - Virtual size: 895B

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.alloc
Size: - Virtual size: 187KB

.rsrc
Size: 186KB - Virtual size: 185KB

.reloc
Size: 1KB - Virtual size: 1KB