678098073b486b0c59189da1b562c8cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

678098073b486b0c59189da1b562c8cf_JaffaCakes118
Size

216KB
MD5

678098073b486b0c59189da1b562c8cf
SHA1

7f82bb31a1dd0af986d50839a30c008e5febbe75
SHA256

47b5f709139a24b3050844c09f366a5b9d04a821b38bebcb4063d3a121364a1c
SHA512

19e729b8f6b1511a2a8b2efa9ade534d8784c15611487f6bf1f06c9ac1053217be0aa7b095b912c52ca9934f8f5d96ff6c33cb650973f6cb9cf93658f8318eba
SSDEEP

3072:lSHZFqZa4/MokLnxixvp6jRqNECT/gnRtlOuuYUZ93J+T3bgjiMMRnqSBR0V/GFM:lS5wZKok70B8RqFstlnWZ9AoOMwl0VR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
678098073b486b0c59189da1b562c8cf_JaffaCakes118

Files

678098073b486b0c59189da1b562c8cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

594d44a2eda42152817f8e34d7c13cae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\JhMrGHtIgrtpgU\iwCHtbupf\qROjRwsxr\yKkHJxkzZf.pdb

Imports

user32

GetDC
InSendMessage
CallWindowProcW
BeginDeferWindowPos
wsprintfW
ChildWindowFromPointEx
PeekMessageA
IsCharAlphaW
MapVirtualKeyExW
ModifyMenuW
CopyAcceleratorTableW
SetTimer
EndDialog
DefFrameProcW
RegisterClassExA
SendMessageA
AppendMenuW
PeekMessageW
EnumWindows
InsertMenuItemW
ShowOwnedPopups
GetNextDlgGroupItem
CreateCursor
GetUpdateRgn
DrawAnimatedRects
PostThreadMessageA
EqualRect
LoadStringA
CheckRadioButton
RegisterClassExW
DrawTextW
RemoveMenu
ActivateKeyboardLayout
DrawIconEx
GetWindowTextW
IsDialogMessageA
GetWindowPlacement
CheckMenuRadioItem
SetActiveWindow
EnumThreadWindows
TranslateAcceleratorA
GetWindowRect
CreateDialogIndirectParamW
ValidateRect
SetWindowPlacement
UnloadKeyboardLayout
ReplyMessage
MapDialogRect
InvalidateRect
ScrollWindowEx
GetUpdateRect
DrawIcon
GetPropW
IntersectRect
IsCharUpperA
GetSystemMenu
DrawFrameControl
CharToOemW
DefWindowProcW
HideCaret
SendMessageW
IsWindow
ToUnicodeEx
DialogBoxIndirectParamA
wsprintfA
ShowCursor
GetSystemMetrics
CopyRect
CharLowerA
GetKeyState
mouse_event
SetMenuDefaultItem
ShowWindowAsync
LoadBitmapA
LookupIconIdFromDirectory
DispatchMessageA
GetClassInfoExW
DeferWindowPos
ScrollWindow
DestroyCursor
EnableWindow
ClipCursor
GetClassNameW
TranslateAcceleratorW
InflateRect

gdi32

UnrealizeObject
GetCharWidth32W
SetPaletteEntries
DPtoLP
ScaleWindowExtEx
PathToRegion
CombineRgn
GetTextExtentPointA
GetTextAlign
CreateDIBitmap
SelectClipRgn
LineTo
GetObjectA
SetDIBColorTable
CreateDCW
DeleteDC
SetAbortProc
GetDIBColorTable
GetNearestPaletteIndex
EndPath
GetTextExtentPoint32W
SetTextAlign
GetTextMetricsW
GetTextCharsetInfo
StartDocW
TranslateCharsetInfo
CreateEllipticRgnIndirect
SaveDC
SetBrushOrgEx
SetLayout
TextOutA
ScaleViewportExtEx
ExtFloodFill
EnumFontsW
GetTextColor

kernel32

SetCommState
FindFirstFileA
GlobalFlags
EscapeCommFunction
LocalSize
CompareStringW
SetThreadAffinityMask
AddAtomA
GetTempPathA
GetTempPathW
VirtualQuery
GlobalGetAtomNameA
lstrcpynA
CreateSemaphoreW
SetEvent
GetTimeFormatA
GetUserDefaultLangID
LocalUnlock
SetNamedPipeHandleState
GetPriorityClass
SetHandleCount
HeapValidate
FreeResource
FindNextFileA
MoveFileExW
GetStringTypeExW
LocalLock
SetCurrentDirectoryA
DeleteCriticalSection
SetFileApisToOEM
GetTickCount
HeapWalk
VirtualFree
FlushViewOfFile
MoveFileW
BuildCommDCBAndTimeoutsW
ExitThread
CreateMailslotW
MapViewOfFile
GetSystemTimeAdjustment
CreateMutexW

comctl32

CreatePropertySheetPageW
ImageList_AddMasked
CreateStatusWindowW
PropertySheetW
ImageList_LoadImageW

msvcrt

_controlfp
__set_app_type
system
isdigit
atoi
vsprintf
fputc
__p__fmode
__p__commode
wcstok
_amsg_exit
srand
wcschr
_initterm
isprint
calloc
gets
_acmdln
strpbrk
exit
iswalpha
putchar
_ismbblead
wcscspn
wcstod
qsort
mktime
_XcptFilter
mbtowc
_exit
_cexit
rand
__setusermatherr
fprintf
wcstoul
__getmainargs
fputs
strncpy
time

Exports

Exports

?WaitForMultipleObjectsIUIUDSiuld@@YGKEPA_WG@Z
?WaitForMultipleObjectsJUDiuDLIJU@@YGKEPA_WG@Z
?WaitForMultipleObjectsUYDyudkjh@@YGKEPA_WG@Z
?WaitForSingleObjectYDEyuhgDU6d@@YGKEPA_WG@Z

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

594d44a2eda42152817f8e34d7c13cae

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

comctl32

msvcrt

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 88KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 51KB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 89KB - Virtual size: 88KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 51KB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 2KB - Virtual size: 1KB