69af2d96f3504ee18539ab86b0904c32_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69af2d96f3504ee18539ab86b0904c32_JaffaCakes118
Size

292KB
MD5

69af2d96f3504ee18539ab86b0904c32
SHA1

637205bd00ab9191ed91a320e420215f2239afc1
SHA256

47e33efa6968d1aa773361bb5f28586b82e0f0da8b665d6d09c036828cc70e40
SHA512

3075cb28944ef1eb67ee959d026e49ebb4b20d8cb7b0fc9cf789109f7da47fe93b3c591cf4c0ff37171a30c9acd8f735586e36aed30255b3a5a52995ee9a34fc
SSDEEP

3072:v7JBRMTpnCT5AlHJgKTTq4Hy0g8M8bACWYrHZFJ5UmBcDFgVImpoX0U:fRGg5AltT+4Hyd8M8McZ/5bB8gu3X0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69af2d96f3504ee18539ab86b0904c32_JaffaCakes118

Files

69af2d96f3504ee18539ab86b0904c32_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4059cbf268f94dea2bcae89e771991ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\aYhwdmX\nZoGseuWnM\xlhFzQqaqygdL\QfwNrpVxnv.pdb

Imports

comctl32

CreatePropertySheetPageW
ImageList_AddMasked
PropertySheetW
ImageList_Remove
ImageList_LoadImageW
ImageList_Draw

gdi32

PatBlt
GetPixel
IntersectClipRect
GetSystemPaletteUse
SetDIBColorTable
GetTextFaceW
GetObjectW
GetObjectA
SetWindowOrgEx
SelectPalette
TextOutW
SetAbortProc
SetStretchBltMode
CreateRectRgn
EndDoc
SetTextAlign
DeleteDC
SetBkColor
SetPixel
GetFontData
SelectClipRgn
GetBitmapBits
CreateDiscardableBitmap
ScaleViewportExtEx
SetWindowExtEx
SetBrushOrgEx
EnumFontFamiliesExW
ScaleWindowExtEx
GetCharWidth32W
RectVisible
SetMapMode
GetTextExtentPoint32A
GetTextExtentPointW
RectInRegion
Polyline
GetDIBColorTable
CreateICW
OffsetViewportOrgEx
ResizePalette
GetWindowOrgEx
DeleteObject
GetTextExtentPointA
CreateHatchBrush
CreateFontIndirectW

kernel32

GlobalMemoryStatusEx
MoveFileExW
CreateMutexW
SetThreadPriority
GetDateFormatA
FlushViewOfFile
GetShortPathNameW
LoadLibraryW
SleepEx
FindNextChangeNotification
VerSetConditionMask
GetFullPathNameW
lstrcmpA
VerifyVersionInfoW
SetThreadContext
GetFileAttributesExA
SearchPathW
GetCommProperties
SetFileAttributesA
GetTempPathA
ResumeThread
GetThreadPriority
HeapSize
GetFileSize
GetTempFileNameA
PulseEvent
FindResourceExW
GetCommandLineA
GetThreadLocale
lstrcmpiW
GetHandleInformation
GetComputerNameExW
GlobalCompact
SetTimerQueueTimer
GetTempPathW
HeapUnlock
FreeResource
SetThreadLocale
EnumResourceNamesA
UnlockFile
GetSystemWindowsDirectoryA
lstrcmpW
GetBinaryTypeW
GlobalGetAtomNameA
SetFileApisToOEM
GetAtomNameW
GetWindowsDirectoryW
OpenFileMappingA
GetLastError
TlsSetValue
GetUserDefaultLangID

msvcrt

_controlfp
__set_app_type
iswprint
isspace
swscanf
wcsncpy
fprintf
wcstok
wcstod
__p__fmode
__p__commode
wcscoll
mktime
malloc
printf
_amsg_exit
wcstombs
_initterm
_acmdln
strtoul
setlocale
fclose
wcsstr
exit
_ismbblead
sprintf
_XcptFilter
fputs
_exit
gets
iswctype
strcspn
wcsncmp
fread
iswalpha
strerror
remove
isdigit
clearerr
ungetc
_cexit
__setusermatherr
swprintf
toupper
__getmainargs

user32

EndTask
GrayStringW
MoveWindow
SystemParametersInfoA
DialogBoxIndirectParamA
BringWindowToTop
FindWindowExW
DrawStateA
LockWindowUpdate
DefWindowProcA
RegisterClassExA
DragObject
GetLastActivePopup
CascadeWindows
GetKeyboardType
GetUserObjectInformationA
OffsetRect
MessageBoxExA
TranslateAcceleratorW
CharLowerW
MessageBoxA
WaitMessage
GetDesktopWindow
GetClassInfoExA
DialogBoxIndirectParamW
PeekMessageA
RemoveMenu
InflateRect
MonitorFromRect
IsWindow
GetWindowTextA
ScreenToClient
DefDlgProcA
SetTimer
GetDlgItemTextA
DestroyMenu
SetDlgItemTextA
RegisterWindowMessageA
GetMenuItemRect
DispatchMessageW
ClipCursor
KillTimer
CharPrevW
PeekMessageW
DestroyCaret
CharNextExA
GetSubMenu
CheckRadioButton
CharPrevA
CharLowerA
GetSysColor
ReleaseDC
GetNextDlgGroupItem
EnumThreadWindows
CallWindowProcA
CheckMenuRadioItem
IsCharUpperA
LoadBitmapW
PostThreadMessageW
GetKeyboardLayoutNameW
AppendMenuA
ValidateRect
SetLastErrorEx
GetClassNameW
DeleteMenu
InSendMessage
LoadIconA
SetScrollRange
CreatePopupMenu
AdjustWindowRectEx
LoadMenuA
BeginDeferWindowPos
DrawMenuBar
FillRect
SetDlgItemTextW
CopyAcceleratorTableW
MonitorFromPoint
GetClassInfoA
RemovePropW
CopyRect
GetMessageW
ExitWindowsEx
SendInput
DestroyWindow
mouse_event
InvalidateRgn
OemToCharBuffA
SetClassLongW
wvsprintfW
GetWindowRect
FindWindowA
GetMenuStringA
GetMessageTime
LoadStringA
SetRectEmpty
LoadStringW
CreateCaret
OpenDesktopW
IsWindowVisible
CharToOemBuffA
LoadImageA
CreateIconIndirect
FindWindowExA
GetShellWindow
GetMessageA
LoadAcceleratorsA
CharNextA
wsprintfA

comdlg32

GetSaveFileNameW
GetOpenFileNameA
ChooseFontW
CommDlgExtendedError

Exports

Exports

?IsNotComponentExW@@YGMPAIDJE@Z
?EnumClassExA@@YGPAKM@Z
?InstallDateTimeA@@YGPAFIJPAJ@Z
?RtlOptionExW@@YGGDNPADN@Z
?CrtTaskA@@YGXPAHE@Z
?IsFolderEx@@YGHIE@Z
?HideWindowInfoOld@@YGPAMMNM@Z
?ShowTimerOld@@YGGPAFGFPAJ@Z
?SetTaskA@@YGIH@Z
?AppNameNew@@YGFIPAHH@Z
?CloseDateTimeEx@@YGHPAGGPAKPAJ@Z
?IsNotWidth@@YGPADJEH@Z
?AddValueExA@@YGIK@Z
?ShowTextEx@@YGKJPA_NK@Z
?PutProcessNew@@YGPAEPAHF@Z
?RemoveProjectOriginal@@YGPANPAIED@Z
?GetVersionExA@@YGPAKE@Z
?ModifyFullName@@YGPAKPA_NFPAMM@Z
?FreeConfigOld@@YGPAEJPAM@Z
?KillWindowInfo@@YG_NDPAEPAFH@Z
?InstallProfileExA@@YGIPAFPAG@Z
?SetTaskNew@@YGPANPAJ@Z
?EnumStringA@@YGIPAGPAH@Z
?IncrementDevice@@YGPADPAHJ@Z
?GlobalNameNew@@YGXGMK@Z
?SystemA@@YGGMFPAK@Z
?IsDirectoryA@@YGPAHMJ@Z
?FormatProjectEx@@YGPADK@Z
?FindCommandLineExW@@YGPAEPADEKPAD@Z
?IsProviderW@@YGJJH@Z
?IncrementChar@@YGFIN@Z
?ValidateThreadNew@@YGPAXPAI@Z
?StateExA@@YGPAXPAHJ@Z
?KillStringA@@YGGDPAND@Z
?GenerateSemaphoreExW@@YGPAXFF@Z
?InsertText@@YGPAXPAF@Z

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dt_i
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dt_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4059cbf268f94dea2bcae89e771991ae

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

kernel32

msvcrt

user32

comdlg32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 60KB

.dt_i Size: 6KB - Virtual size: 6KB

.dt_e Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 77KB - Virtual size: 77KB

.rsrc Size: 129KB - Virtual size: 129KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 60KB

.dt_i
Size: 6KB - Virtual size: 6KB

.dt_e
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 129KB - Virtual size: 129KB

.reloc
Size: 2KB - Virtual size: 1KB