68ede0279ab70d20ca361772dfb1d2e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

68ede0279ab70d20ca361772dfb1d2e6_JaffaCakes118
Size

219KB
MD5

68ede0279ab70d20ca361772dfb1d2e6
SHA1

70826f588fc6eedbec1dc1f832bbb790f4e2829d
SHA256

987475df8d6ea87f6d7c8999506a015ab25db78a9bff7fc2fb3ab1e538766afc
SHA512

1263196c742601a0de36b97d7e166936f6bec9e63bff1af00b76d9aad48d588402ab17ad614ea57fd8895e58b463bf5beb98be2450e31c70947f0d458d8feab9
SSDEEP

6144:KSPIcmqcarmXQJk7OVTlwPU6Q/pMAGqKAJ/v:gcmdayA2YW4/pMAGzAlv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68ede0279ab70d20ca361772dfb1d2e6_JaffaCakes118

Files

68ede0279ab70d20ca361772dfb1d2e6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3000f9e247e7634e9ade7abf34b100c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\NMbnkcyA\buszlbfJGnGxi\qstfueaIn\spSybbiD.pdb

Imports

msvcrt

qsort
_controlfp
__set_app_type
perror
__p__fmode
__p__commode
strspn
sscanf
sprintf
strtoul
strerror
wcschr
fread
_amsg_exit
wcstombs
fgets
putchar
_initterm
isupper
wcscpy
wcstok
strpbrk
bsearch
wcsncmp
setlocale
_acmdln
exit
isalnum
wcsncpy
_ismbblead
_XcptFilter
isdigit
_exit
clock
_cexit
gets
__setusermatherr
ftell
iswdigit
strcspn
__getmainargs
swscanf
wcsstr
isprint
wcsrchr
printf

user32

CharUpperBuffA
InsertMenuA
CloseDesktop
DialogBoxIndirectParamA
FindWindowExA
InsertMenuW
mouse_event
ShowWindow
CheckRadioButton
LoadBitmapA
IsRectEmpty
RegisterClassW
MapVirtualKeyW
CharPrevW
PostThreadMessageA
SetWindowLongA
GetDlgCtrlID
IsIconic
DestroyWindow
CopyAcceleratorTableW
PtInRect
SetCaretPos
CreateWindowExA
ScrollWindowEx
OemToCharBuffA
GetKeyNameTextW
RegisterClassA
InSendMessageEx
DrawStateA
SetMenuItemBitmaps
CascadeWindows
CharToOemBuffA
GetDialogBaseUnits
GetTopWindow
EndTask
AppendMenuW
UnloadKeyboardLayout
SetCursor
wsprintfA
SetTimer
GetForegroundWindow
LoadIconW
ReleaseDC
WindowFromPoint
GetMenu
MapVirtualKeyA
InvalidateRect
GetWindowLongA
SetDlgItemInt
GetUserObjectInformationA
TrackPopupMenuEx
SetScrollInfo
GetUserObjectInformationW
AppendMenuA
InsertMenuItemW
MapWindowPoints
LoadCursorW
SetRectEmpty
LockWindowUpdate
GetMenuState
InternalGetWindowText
DragObject
CharToOemW
DeleteMenu
LookupIconIdFromDirectory
MonitorFromRect
FrameRect
RegisterHotKey
DrawFocusRect
GetKeyboardLayout
VkKeyScanW
SystemParametersInfoW
SendDlgItemMessageA
IntersectRect
SetCursorPos
ClientToScreen
OpenIcon
DefFrameProcA
FindWindowA
RemovePropW
GetCaretPos
CharLowerA
SetUserObjectInformationW
OpenInputDesktop
ShowCursor
TrackPopupMenu
SetActiveWindow
ValidateRect
CreateAcceleratorTableW
SendNotifyMessageW
ShowWindowAsync
AdjustWindowRect
DrawTextExW
OpenDesktopW
CreateCaret
PeekMessageW
CharUpperBuffW
GetDCEx
LoadAcceleratorsW
SetMenuDefaultItem
GetNextDlgGroupItem
SetWindowPlacement
GetSystemMenu
SetWindowLongW
DispatchMessageA
InSendMessage
SetMenu
CharToOemA
SendMessageA
GetScrollRange
GetLastActivePopup
GetClassNameW

kernel32

HeapLock
LocalLock
lstrcpynW
GetCurrentThreadId
GetSystemDefaultLangID
QueryPerformanceCounter
ClearCommBreak
LCMapStringW
ReadConsoleInputW
CreateNamedPipeW
IsBadStringPtrW
OpenFileMappingW
lstrlenW
GetTempFileNameA
GlobalMemoryStatus
FindResourceExW
RtlUnwind
GetTempPathA
GetFileAttributesExA
SleepEx
GetBinaryTypeW
lstrcpyA
CreateSemaphoreA
CreateNamedPipeA
GlobalMemoryStatusEx
LoadLibraryW
GetSystemDefaultUILanguage
GetComputerNameExA
GetThreadContext
AddAtomW
GetStringTypeExW
GetCommState
SetupComm
TerminateThread
DeleteFileW
GetFileAttributesExW
GetTimeFormatW
GetLastError
GetCommProperties
SetEvent
OpenFile
CreateFileA
lstrlenA
GetSystemTime
GetCurrentProcessId
HeapUnlock
GlobalLock
CopyFileA
SetThreadPriority
GetLocalTime
SetMailslotInfo
SetNamedPipeHandleState
ReleaseSemaphore

gdi32

SetPaletteEntries
PathToRegion
GetROP2
GetLayout
SetAbortProc
SelectObject
CreateICW
GetTextExtentExPointW
GetSystemPaletteUse
CreatePatternBrush
StretchDIBits
WidenPath
ExtFloodFill
CreateCompatibleBitmap
SetViewportExtEx
SetDIBitsToDevice
GetTextExtentPointW
SetPixel
EnumFontFamiliesW
GetNearestPaletteIndex
RealizePalette
PolyBezier
ExcludeClipRect
GetDIBits
BitBlt
StartPage
PtVisible
CreatePalette
CreateBrushIndirect
RectVisible
CreatePenIndirect
GetFontData
SetViewportOrgEx
SetROP2
SelectClipRgn
CreateFontW
GetBitmapBits
ScaleWindowExtEx
DeleteDC
PtInRegion
SetRectRgn
GetSystemPaletteEntries
AddFontResourceW
RoundRect
LineDDA
GetWindowOrgEx
Polygon

Exports

Exports

?LoadThreadExW@@YGPAFEPAF&U
?CopyFullNameOld@@YGPAXGHPAI&U
?CancelListItemA@@YGKEF&U
?KillHeightExW@@YGXIE_N&U
?EnumKeyNameExW@@YGXPANHF&U
?AddEventExA@@YGPAGE&U
?CloseWidthOriginal@@YGFKKM&U
?OnOptionA@@YGPA_NIPAJMM&U
?EnumConfigW@@YGPAJPAGDMD&U
?SendStringExA@@YGDDI&U
?AddPointerOld@@YGPADF&U
?CopyDataExA@@YGPAEPAGN&U
?KillArgumentExW@@YGGJ&U
?ValidatePenA@@YGXGIPAJ&U
?IsThreadA@@YGIPAEPAIJPAG&U
?IncrementMutexOld@@YGF_ND&U
?AddPath@@YGJPAKPAHPAD&U
?RemoveFolderPathOriginal@@YGX_NPAJPAMM&U
?ShowProject@@YGGHKH&U
?OnTaskW@@YGMKDFPAJ&U
?ModifyMutantOld@@YG_NIDPAD&U
?IncrementFileExA@@YGJPAFFPADPAE&U
?DecrementCharNew@@YGGK&U
?IncrementProvider@@YGPAEGPAE&U
?GlobalFunction@@YGFEPANMPAH&U
?OnDateTimeNew@@YGMPAGH&U
?SendPointerOld@@YGMKF_NG&U
?PutWidthExA@@YGXI&U
?AnchorExW@@YGIIHHPAG&U
?RemoveFolderPathExW@@YGIHPAEF&U
?HideMediaType@@YGPAHJPAGPAK&U
?InsertMemoryExW@@YGPAXHI&U
?EnumDataOld@@YGEMPAJPAEPAE&U
?RemoveFolderExA@@YGPADNE&U
?SendMutant@@YGPAKPADEPAF&U
?CopyDirectoryExW@@YGKJPAHPADPAK&U
?InvalidatePointerEx@@YGIPADH&U
?CrtVersion@@YGDPAJPA_NPAJ&U

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byte
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3000f9e247e7634e9ade7abf34b100c1

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 84KB

.imp Size: 1KB - Virtual size: 1KB

.exp Size: 1KB - Virtual size: 1KB

.code Size: 512B - Virtual size: 32B

.byte Size: 512B - Virtual size: 44B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 58KB

.rsrc Size: 108KB - Virtual size: 107KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 84KB - Virtual size: 84KB

.imp
Size: 1KB - Virtual size: 1KB

.exp
Size: 1KB - Virtual size: 1KB

.code
Size: 512B - Virtual size: 32B

.byte
Size: 512B - Virtual size: 44B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 58KB

.rsrc
Size: 108KB - Virtual size: 107KB

.reloc
Size: 2KB - Virtual size: 1KB