717940372562b50edeefe730aff20aa7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

717940372562b50edeefe730aff20aa7_JaffaCakes118
Size

221KB
MD5

717940372562b50edeefe730aff20aa7
SHA1

ad9b477c9f4bfcb71c0449940321ff566e7a1fb7
SHA256

1c9603454126c485f64d2b6dd3758f3a6d390e280048d3c61e8257c7aec490be
SHA512

bf0c04a816e654afaeae026265d8397e087177c40d5b6eafcee5aa91f955df406c90062b6a54f491e711fcadffa0a87b017b5d0b2f185c93aa1e0510c0611534
SSDEEP

6144:xb4wpCwr70sh/aLapVReG82gr24XNmWk7O7:6wAwrb8G8V24XY2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
717940372562b50edeefe730aff20aa7_JaffaCakes118

Files

717940372562b50edeefe730aff20aa7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cbb0789934288318183a9223f28a2cb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\bChInvsF\uyjAdlGwkzm\oIHpnelkifw\ylewlrdzUYw.pdb

Imports

msvcrt

fflush
vsprintf
_controlfp
wcsstr
strtok
wcstod
iswspace
wcsncpy
clock
putchar
__set_app_type
__p__fmode
wcstok
mbtowc
__p__commode
fclose
_amsg_exit
iswctype
strerror
_initterm
_acmdln
getenv
wcstol
exit
strpbrk
_ismbblead
isalnum
strncpy
free
_XcptFilter
wcslen
perror
ungetc
_exit
_cexit
strchr
wcscmp
__setusermatherr
wcspbrk
strcspn
mktime
wcschr
time
rand
__getmainargs
strncmp

comctl32

ImageList_GetIconSize
ImageList_LoadImageW
ImageList_AddMasked
ImageList_Read
ImageList_Write
ImageList_GetImageCount

user32

IsDialogMessageA
keybd_event
SetScrollInfo
GetKeyboardLayoutNameW
GetClassInfoA
SetFocus
EndDialog
ChildWindowFromPointEx
SetWindowPos
BringWindowToTop
EnumWindows
HideCaret
DrawMenuBar
PeekMessageW
GetMenuItemCount
SetCaretPos
GetFocus
UnloadKeyboardLayout
GetClassLongA
LoadStringA
FindWindowW
IsCharAlphaW
AllowSetForegroundWindow
DefFrameProcW
UpdateWindow
DispatchMessageW
ScreenToClient
InternalGetWindowText
MapVirtualKeyA
GetMenuStringW
wsprintfW
InvertRect
CopyImage
SetMenu
AttachThreadInput
SetWindowTextW
RemoveMenu
CreateDialogParamW
CreateWindowExW
MapVirtualKeyExW
ModifyMenuW
GetLastActivePopup
CreateDialogParamA
TranslateAcceleratorW
DeleteMenu
CharPrevA
WaitMessage
DefWindowProcA
IsCharLowerA
DialogBoxParamA
LoadImageA
GetIconInfo
SetLastErrorEx
LoadAcceleratorsW
CheckMenuItem
DrawFrameControl
GetSystemMetrics
ChildWindowFromPoint
InvalidateRect
IsCharAlphaNumericW
wvsprintfW
GetMenuStringA
DrawIcon
TabbedTextOutW
RegisterWindowMessageW
SetPropW
ChangeMenuW
FrameRect
ReleaseDC
ClientToScreen
CharUpperBuffW
SetForegroundWindow
LoadStringW
WindowFromPoint
GetWindowTextA
SystemParametersInfoA
EnumThreadWindows
GetKeyboardType
SendMessageTimeoutW
CharToOemA
SendInput
InsertMenuA
GetWindowRect
SetMenuDefaultItem
ScrollWindow
GetNextDlgTabItem
SetDlgItemInt
GrayStringW
InsertMenuItemW
LoadCursorA
SetDlgItemTextA
SetScrollRange
SetActiveWindow
IsDialogMessageW
EnableScrollBar
DeferWindowPos
TrackPopupMenuEx
GetKeyboardLayout
MonitorFromRect
GetSysColor
DefDlgProcA
SetTimer
OpenIcon
DispatchMessageA
CreateIconIndirect
RegisterClassExA
GetMenuItemID
GetDialogBaseUnits

kernel32

LockFile
FindNextFileA
GetLongPathNameW
SetPriorityClass
TlsFree
WaitForMultipleObjectsEx
GetStringTypeExW
UnhandledExceptionFilter
GetCommConfig
CreatePipe
VirtualProtect
FormatMessageA
GetStartupInfoA
FileTimeToDosDateTime
GlobalReAlloc
RemoveDirectoryA
GetAtomNameA
DeleteFileW
MoveFileA
FindNextChangeNotification
RemoveDirectoryW
GetFileTime
OpenFile
GetExitCodeProcess
VirtualAlloc
DeleteCriticalSection
LoadLibraryW
lstrcmpW
lstrcmpA
CreateFileMappingA
EnumResourceNamesA
GlobalHandle
SetLastError
LocalUnlock
GlobalAlloc
HeapCreate
OpenProcess
GlobalFlags
GetUserDefaultUILanguage
ReleaseSemaphore
LCMapStringA
SetThreadAffinityMask
GetCurrentProcessId
GlobalUnlock
ReadConsoleInputW
GetFileAttributesExW
GlobalFindAtomW
MoveFileExW
SearchPathW
LoadResource
GetBinaryTypeW
GetTickCount
TerminateThread
FindResourceExW
GetLocaleInfoW

gdi32

OffsetRgn
TranslateCharsetInfo
EnumFontFamiliesExW
StretchBlt
SetBrushOrgEx
SetWindowOrgEx
MoveToEx
PolyBezier
SetDIBColorTable
GetCharWidth32W
SetDIBitsToDevice
Polyline
EnumFontFamiliesW
CreateEllipticRgnIndirect
PatBlt
GetTextExtentPointW
SetBkColor
SetROP2
SetTextColor
CreateICW
Ellipse
AddFontResourceW
CreateRectRgn
CreateHatchBrush
CreatePatternBrush
CreatePalette
Escape
SetViewportExtEx
CreateCompatibleDC
CreateHalftonePalette
CreateFontIndirectW
FillRgn
CreateFontIndirectA
BeginPath
PtInRegion
GetRgnBox
SetTextAlign
PtVisible
GetTextFaceW
TextOutA
GetTextExtentPoint32A
SetMapMode
LPtoDP
GetFontData

Exports

Exports

?DecrementListEx@@YGPANF&U
?DecrementSizeExA@@YGKMPADI&U
?ShowPointer@@YGEPAE&U
?CopyThreadW@@YGGFDH&U
?SetProcess@@YG_N_ND&U
?GlobalMutantNew@@YGPAMPAG&U
?IsNotTimeOld@@YGDPAH&U
?OnConfigA@@YGPAEPAGHHI&U
?EnumList@@YGPAXKPAK&U
?DialogEx@@YGMG&U
?CrtObjectOriginal@@YGPADJPAMJF&U
?InsertPointEx@@YGPAXF&U
?CancelTaskW@@YGKFI&U
?DecrementWindowInfo@@YGXFH&U
?ModifyAnchorExA@@YGXKJPAD&U
?Config@@YGPAXGPAI&U
?InvalidateComponentExA@@YGPAFKPAGEM&U
?CancelThreadNew@@YGFKHHPAE&U
?SetValueEx@@YGKI&U
?ValidateHeightW@@YGXPAG&U
?ValidateListItemA@@YGXHNPAEPAM&U
?HideFolderA@@YGXIK&U
?CancelExpression@@YGPAEPAEED_N&U
?RtlPointerExA@@YGPAXHDPAN&U
?CloseMediaTypeNew@@YGPAHEPAIF&U
?PutRectNew@@YGPA_NPAE&U
?ClosePenExW@@YGHGEPAGE&U
?IncrementAnchorNew@@YG_NH&U
?FreeFolder@@YGKPAFPADDD&U
?LoadMutexA@@YGPAHM&U
?RtlListItemEx@@YGJHJG&U
?FormatDateA@@YGXPAKPAD&U
?FreeHeightExA@@YGX_N&U
?CancelKeyName@@YGMPADGF&U
?InvalidateFilePathEx@@YGPAEPADPAEIG&U
?LoadDateW@@YG_NPAI&U
?EnumAnchorExW@@YGJD&U

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bitdat2
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbb0789934288318183a9223f28a2cb6

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 192KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bitdat2 Size: 512B - Virtual size: 32B

.bitdat0 Size: 5KB - Virtual size: 5KB

.bitdat1 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 668B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 192KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bitdat2
Size: 512B - Virtual size: 32B

.bitdat0
Size: 5KB - Virtual size: 5KB

.bitdat1
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 668B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB