6996dad5da2356c9c71bc359de20de21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6996dad5da2356c9c71bc359de20de21_JaffaCakes118
Size

209KB
MD5

6996dad5da2356c9c71bc359de20de21
SHA1

58ae7744442c0734938b5634ad67af5a574e47e7
SHA256

a47498d82d9896c2ada419414444c11dfbf27beb92d588def2afe495f7a44312
SHA512

b71bed97eac13b40e320a2777cc6d43ff9b23829a9a846d86fce66073a5b35f2f84708cd516bb218757a1e54e66f804f05e782ebabfbb9a2e22c7da433105bf8
SSDEEP

6144:kgs2M5qp1uFzYPRBzPWJEGVh54pA1QrE+F+PWoqZlgu:dsJqp1u1Y3zgapUpWHg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6996dad5da2356c9c71bc359de20de21_JaffaCakes118

Files

6996dad5da2356c9c71bc359de20de21_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e286555948a4f71b3f2969e6bb92f1d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\uRiVrrbxbHuo\AcpzdHiQvmgOq\wimkKaJv\jraInLfjLbekTV\vOxLICZeJHfCst.pdb

Imports

gdi32

GetPixel
GetTextExtentPointA
ResizePalette
OffsetViewportOrgEx
CreateEllipticRgnIndirect
RectInRegion
CreateDIBSection
CreateBitmapIndirect
GetTextExtentPoint32W
CreateDiscardableBitmap
RemoveFontResourceW
SetDIBColorTable
CreateICW
LPtoDP
TextOutW
DPtoLP
CreatePalette
CreateDIBitmap
CombineRgn
AddFontResourceW
LineDDA
GetDeviceCaps
CreateSolidBrush
ScaleViewportExtEx
CreatePen
CreateBitmap
EndPage
DeleteObject
UnrealizeObject
StartDocW
CreatePatternBrush
GetDIBits
GetTextMetricsW
SetPixel
IntersectClipRect
GetROP2
PathToRegion
SetBkMode
GetObjectA
EndDoc
ExtFloodFill
GetViewportOrgEx
GetSystemPaletteUse
SetViewportExtEx
RoundRect
CreateDCW
ScaleWindowExtEx
StretchDIBits
LineTo
CreateCompatibleBitmap

comctl32

ImageList_SetIconSize
ImageList_Destroy
ImageList_GetImageCount
CreateStatusWindowW
CreateToolbarEx
ImageList_AddMasked
ImageList_GetIcon

kernel32

CreateFileMappingA
GetLongPathNameW
GetUserDefaultLCID
GetModuleFileNameA
GlobalAlloc
GetThreadPriority
CreateDirectoryA
FindResourceExA
SetThreadExecutionState
FindNextFileW
LocalUnlock
SetMailslotInfo
GetFullPathNameW
GetSystemWindowsDirectoryW
HeapFree
FileTimeToSystemTime
GetCommModemStatus
GetCurrentThread
FindFirstFileA
GetFullPathNameA
GetStartupInfoA
GetCurrentThreadId
CopyFileA
ClearCommError
GetLocaleInfoW
ExitThread
GetOEMCP
lstrcpynA
WaitForMultipleObjects
VirtualQuery
VerifyVersionInfoW
lstrcpyW
lstrcmpiA
SetNamedPipeHandleState
VerSetConditionMask
FlushViewOfFile
SleepEx
MapViewOfFile
GetStartupInfoW
WaitCommEvent
Sleep
QueryPerformanceCounter
FindNextChangeNotification
MoveFileExA
GetThreadLocale
GetWindowsDirectoryA
GetTempPathA
GetModuleHandleA
CancelIo
ConvertDefaultLocale
CreateDirectoryW
GetBinaryTypeW
OpenSemaphoreW
IsBadCodePtr
GetCommProperties
GlobalAddAtomW
QueryDosDeviceW
UnlockFile
GlobalGetAtomNameW
WaitForSingleObjectEx

msvcrt

malloc
wcsncpy
iswxdigit
system
_controlfp
iswctype
isxdigit
__set_app_type
gets
mbstowcs
isalnum
strcpy
getenv
__p__fmode
vswprintf
perror
fwrite
__p__commode
wcsrchr
memset
vsprintf
mktime
toupper
strncmp
bsearch
fflush
putchar
swprintf
fgets
_amsg_exit
_initterm
_acmdln
strerror
exit
_ismbblead
_XcptFilter
_exit
wcspbrk
strcspn
fseek
qsort
_cexit
__setusermatherr
realloc
atol
fread
rand
islower
fclose
__getmainargs
strtok

user32

ScrollWindowEx
GetKeyboardType
SetUserObjectInformationW
SetWindowPos
GetMenu
SendNotifyMessageW
PtInRect
LoadBitmapA
GetTopWindow
TranslateAcceleratorW
UnionRect
GetIconInfo
TranslateMessage
ToUnicodeEx
GetWindowLongA
LoadMenuA
IsWindowUnicode
PostThreadMessageW
mouse_event
DefDlgProcA
ShowCursor
DrawStateW
SystemParametersInfoA
ModifyMenuW
GetScrollInfo
wsprintfA
GetClassNameW
GetWindowLongW
CharUpperBuffA
RemovePropW
AllowSetForegroundWindow
GetMenuItemID
AttachThreadInput
DialogBoxParamW
SetScrollRange
DispatchMessageW
TrackPopupMenuEx
GetKeyboardLayoutList
GetDesktopWindow
EnumWindows
CreateDialogParamA
IsMenu
GetForegroundWindow
ChildWindowFromPointEx
SetRect
TrackPopupMenu
GetAsyncKeyState
FindWindowW
IsDialogMessageW
CharToOemW
GetSystemMenu
SetDlgItemTextA
CharLowerW
IsWindowEnabled
CheckMenuRadioItem
GetSystemMetrics
IntersectRect
GetClassInfoExW
MessageBoxW
MoveWindow
KillTimer
GetKeyboardLayoutNameW
GetClassInfoW
CreateMenu
DestroyMenu
InflateRect
DefDlgProcW
CheckMenuItem
GetClassLongA
InvalidateRect
GetDlgItemInt
CharNextA
GetWindowPlacement
CreateWindowExA
SendMessageTimeoutA
FindWindowA
DrawFocusRect
CheckDlgButton
GetMessageExtraInfo
WindowFromPoint
GetPropW
ReplyMessage
ClientToScreen
DialogBoxIndirectParamW
GetMenuStringW
GetMessagePos
DrawStateA
GetWindowRect
IsChild
DefFrameProcW
ScreenToClient
MapWindowPoints
UnloadKeyboardLayout
SetDlgItemInt
ShowOwnedPopups
SetScrollInfo
CreateWindowExW
CharNextExA
GetUpdateRect
DrawIcon
GetDlgItemTextA
CopyRect
CharLowerBuffW
IsIconic
CloseDesktop
GetMenuCheckMarkDimensions
GetShellWindow
GetDoubleClickTime
SetLastErrorEx
IsCharAlphaNumericW
keybd_event
LoadIconA
CheckRadioButton
LoadStringW
CharPrevA
OpenIcon
LoadAcceleratorsW
UpdateWindow
GetDlgCtrlID
GetKeyState
SetScrollPos
PostMessageA
WaitMessage
CharUpperW
DestroyAcceleratorTable
GetWindowTextW
ArrangeIconicWindows

Exports

Exports

?Keyboard@@IJFPAFH@X
?IsValidMemoryOld@@IJPAMPAJ@X
?InvalidateMediaTypeA@@IJIJ@X
?SendDeviceExW@@IJPAFPAM_N@X

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cfg1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pcode
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg3
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e286555948a4f71b3f2969e6bb92f1d0

Headers

File Characteristics

PDB Paths

Imports

gdi32

comctl32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 123KB

.import Size: 1KB - Virtual size: 1KB

.rdata Size: 6KB - Virtual size: 6KB

.cfg1 Size: 512B - Virtual size: 44B

.pcode Size: 13KB - Virtual size: 12KB

.cfg2 Size: 512B - Virtual size: 44B

.cfg3 Size: 1024B - Virtual size: 538B

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 56KB - Virtual size: 56KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 124KB - Virtual size: 123KB

.import
Size: 1KB - Virtual size: 1KB

.rdata
Size: 6KB - Virtual size: 6KB

.cfg1
Size: 512B - Virtual size: 44B

.pcode
Size: 13KB - Virtual size: 12KB

.cfg2
Size: 512B - Virtual size: 44B

.cfg3
Size: 1024B - Virtual size: 538B

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 56KB - Virtual size: 56KB

.reloc
Size: 2KB - Virtual size: 2KB