6861535df6df1a02ee7166aa1b912244_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6861535df6df1a02ee7166aa1b912244_JaffaCakes118
Size

140KB
MD5

6861535df6df1a02ee7166aa1b912244
SHA1

0c06a3a2a5e3aa6216f76e925fa2ea3932a26323
SHA256

a2f04df809c0e9267197c42ecccfc93f7d327df7c8aca7e7fc5efb96724a76cd
SHA512

dacc50240f777d16ab7e507348fdb589551b390482f5f6ca60235c1a221413ebb4b0a6059c0ca6b03dc5ed9659ba843817e8a084aa09e9015d954725306b0d55
SSDEEP

3072:awPpc2RMMogq3jP/hHx1gQg1VsVswjLKW:a/2m/xzgPsjO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6861535df6df1a02ee7166aa1b912244_JaffaCakes118

Files

6861535df6df1a02ee7166aa1b912244_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ef18ac9bff286299351d2e11b9b8a139

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\bMeidRFgSTitP\GtfxxoSvrtfih\GvtOVlc\ufghwJp\hNyjgvhGqe.pdb

Imports

msvcrt

towupper
_controlfp
__set_app_type
gmtime
iswxdigit
__p__fmode
printf
wcslen
__p__commode
_amsg_exit
wcscspn
exit
_initterm
calloc
fputs
getc
_ismbblead
iswdigit
malloc
putchar
fclose
_XcptFilter
setlocale
_exit
atoi
isalpha
_cexit
strcpy
putc
strtol
wcscoll
wcstod
atol
strcoll
memset
wcstoul
wcsrchr
qsort
strtok
iswspace
fputc
wcscmp
wcscat
fread
__setusermatherr
__getmainargs
wcsstr
strncpy

user32

GetWindowModuleFileNameW
ShowOwnedPopups
TranslateAcceleratorW
GetScrollRange
EnumThreadWindows
CallWindowProcW
GetSystemMenu
IsWindow
SetWindowTextW
LoadMenuA
ChangeMenuW
IsWindowEnabled
TabbedTextOutW
DispatchMessageW
CreateCaret
GetSubMenu
LoadBitmapA
CharLowerA
CharNextA
SetTimer
DestroyCursor
CreatePopupMenu
PostMessageA
PeekMessageA
SetScrollRange
OpenDesktopW
GetAsyncKeyState
GetMenuItemID
SetWindowRgn
GetCaretBlinkTime
GetWindowTextLengthW
CreateWindowExA
SendInput
FrameRect
GetScrollInfo
EnumWindows
BeginDeferWindowPos
RemoveMenu
GetGUIThreadInfo
GetTopWindow
FindWindowExA
LoadIconA
MoveWindow
LoadBitmapW
GetMenuItemCount
SetCursor
IsCharAlphaNumericW
GetMenuCheckMarkDimensions
GetMessageTime
SetWindowPos
PostMessageW
DestroyAcceleratorTable
GetSysColorBrush
RegisterClassA
GetLastActivePopup
IsCharUpperA
SetLastErrorEx
GetUserObjectInformationW
InternalGetWindowText
ShowCursor
UnloadKeyboardLayout
LoadIconW
LookupIconIdFromDirectory
CharToOemA
SetDlgItemTextW
CharNextW
MessageBoxA
GetMessageW
CharUpperA
CharUpperW
DialogBoxIndirectParamA
InsertMenuA
GetMenuState
GetWindowTextW
LockWindowUpdate
LoadImageA
GetDlgItem
LoadMenuW
DrawTextW
SetParent
SetActiveWindow
GrayStringW
AdjustWindowRectEx
GetClassLongA
MapVirtualKeyW
MonitorFromRect
CreateDialogIndirectParamW
IsWindowVisible
LoadImageW
UpdateWindow
DrawFrameControl
InflateRect
CheckMenuItem
GetClipCursor
GetPropW
DialogBoxParamW
CreateIconIndirect
DefDlgProcA
DialogBoxIndirectParamW
GetForegroundWindow
SendMessageA
TrackPopupMenuEx
ShowCaret
LoadAcceleratorsA
GetFocus
ActivateKeyboardLayout
GetWindowTextA
CreateIconFromResource
GetDlgCtrlID
GetDlgItemTextW
mouse_event
GetDlgItemInt
IsIconic
IsCharLowerA
GetUpdateRgn
InsertMenuW
MapDialogRect
ChildWindowFromPoint
GetCursorPos
CopyImage
CharLowerBuffW
ModifyMenuW
FindWindowA
FindWindowExW
SendNotifyMessageW

kernel32

GetProcessHeap
QueryDosDeviceW
GetFullPathNameW
GetSystemDirectoryA
VerSetConditionMask
SetMailslotInfo
SetNamedPipeHandleState
GetOEMCP
IsBadWritePtr
OpenSemaphoreW
CreateFileA
GetStdHandle
TlsSetValue
OpenEventW
ExitThread
SetLastError
EnumResourceLanguagesA
CompareStringA
lstrcpyA
AddAtomA
VirtualAlloc
CopyFileW
IsBadStringPtrW
GetProcAddress
GetLongPathNameW
GetShortPathNameW
GetCommProperties
HeapFree
GetCurrentThreadId
HeapSize
FormatMessageW
SetTimerQueueTimer
CreateNamedPipeA
CreateEventW
OpenEventA
GetTimeFormatA
SleepEx
DeviceIoControl
IsDBCSLeadByte
SetFileAttributesA
GlobalGetAtomNameW
GetModuleFileNameA
GetTimeZoneInformation
CompareFileTime
LocalSize
GetWindowsDirectoryW
GetThreadContext
CreateEventA
HeapAlloc
HeapValidate
GetStartupInfoW
GetTempFileNameA
DeleteCriticalSection
SetWaitableTimer
SetThreadContext
GetPriorityClass
lstrcmpiW
DeleteFileA
GetSystemTimeAdjustment

shlwapi

StrToIntW

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef18ac9bff286299351d2e11b9b8a139

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 21KB - Virtual size: 76KB

.rsrc Size: 107KB - Virtual size: 107KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 21KB - Virtual size: 76KB

.rsrc
Size: 107KB - Virtual size: 107KB

.reloc
Size: 2KB - Virtual size: 1KB