68165460f8454a3ada9c7adac992f197_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

68165460f8454a3ada9c7adac992f197_JaffaCakes118
Size

756KB
MD5

68165460f8454a3ada9c7adac992f197
SHA1

9b981a426c6c2ce458042e66d613b22b1be08f92
SHA256

4853619933c2be1ecc4b592f5a8955a7f74c2e0ae45cb55877232358c4f7ac2c
SHA512

5153f90d54f9fef2ffec35ac3a93f5ae3f9e1df43d0433495305bd95f44e4b9c67316457fb12da8bae727fbeb35b822db5423ab2e17c4ca9f7009b296e146503
SSDEEP

12288:VshvDB0WLMstn5/9/UJk56+zeyrwWaVo2KxkzcaiMUy7lpVWbSmf/coKjoilRKjX:VsJDB++n5/e656BhnmyUy7lWbSG/LkoN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68165460f8454a3ada9c7adac992f197_JaffaCakes118

Files

68165460f8454a3ada9c7adac992f197_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2ce2ddf8ce0b058b2f55c7e4cb16a1de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

R:\ujrMvmlzw\cTcuFnwYguxzG\ygkojaecd\IjZwjxqR.pdb

Imports

comdlg32

PrintDlgW
GetOpenFileNameW
GetSaveFileNameA

shlwapi

StrToIntExA
StrCatBuffA

msvcrt

_controlfp
__set_app_type
wcscspn
__p__fmode
__p__commode
_amsg_exit
swscanf
_initterm
fseek
towlower
_acmdln
exit
_ismbblead
_XcptFilter
_exit
strcoll
iswxdigit
strtol
strstr
_cexit
__setusermatherr
putchar
__getmainargs
puts
gmtime
strncmp

kernel32

GetModuleHandleA
DeleteAtom
SuspendThread
WaitCommEvent
FreeResource
LocalFree
LoadResource
IsBadReadPtr
lstrlenA
GetFileAttributesExW
LocalReAlloc
GetModuleFileNameW
IsValidLanguageGroup
GetCommProperties
FindFirstFileW
GetPriorityClass
FindNextFileW
lstrcmpA
LoadLibraryW
FindNextFileA
ConvertDefaultLocale
FindNextChangeNotification

gdi32

TextOutA
EnumFontsW
AddFontResourceW
CreateFontW
SetPaletteEntries
GetRgnBox
BeginPath
PatBlt
GetTextExtentPointW
GetCharWidth32W
ExcludeClipRect
RoundRect
FillRgn
CreatePenIndirect
CreateBrushIndirect
GetFontData
SetViewportOrgEx
DeleteDC
CreatePolygonRgn

user32

GetKeyboardLayout
ShowScrollBar
ShowWindowAsync
DestroyWindow
CreateMenu
GetNextDlgGroupItem
DrawFrameControl
SetCaretPos
TrackPopupMenu
GetWindowTextLengthW
GetMenuItemInfoW
SetWindowLongW
OemToCharBuffA
GetTopWindow
GrayStringW
GetFocus
GetMenu
CharPrevW
CharNextA
mouse_event
AllowSetForegroundWindow
FindWindowExA
GetShellWindow
MoveWindow
GetDlgCtrlID
IsCharAlphaNumericW
GetMenuCheckMarkDimensions
GetCursorPos
OpenDesktopW
SetCursor
DefWindowProcA
FindWindowA
EnableWindow
CopyAcceleratorTableW
MonitorFromRect
DrawTextW
GetKeyboardLayoutNameW
GetMessagePos
SetTimer
OemToCharA
DestroyIcon
ShowWindow
GetUserObjectInformationA
IsCharLowerA

Exports

Exports

?LoadAppNameA@@YGEKPAHF~U
showtitle
?LoadListOriginal@@YGIHPAMK_N~U
?CopyVersionNew@@YGIJPA_NPAM~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kip
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 512B - Virtual size: 447B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 725KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ce2ddf8ce0b058b2f55c7e4cb16a1de

Headers

File Characteristics

PDB Paths

Imports

comdlg32

shlwapi

msvcrt

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.kip Size: 1024B - Virtual size: 520B

.ticy Size: 512B - Virtual size: 447B

.ticx Size: 3KB - Virtual size: 2KB

.zdata Size: 512B - Virtual size: 264B

.data Size: 2KB - Virtual size: 2KB

.heap Size: - Virtual size: 1.3MB

.rsrc Size: 725KB - Virtual size: 724KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.kip
Size: 1024B - Virtual size: 520B

.ticy
Size: 512B - Virtual size: 447B

.ticx
Size: 3KB - Virtual size: 2KB

.zdata
Size: 512B - Virtual size: 264B

.data
Size: 2KB - Virtual size: 2KB

.heap
Size: - Virtual size: 1.3MB

.rsrc
Size: 725KB - Virtual size: 724KB

.reloc
Size: 2KB - Virtual size: 1KB