71b654dafc940e67bad8b689d3dc103b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71b654dafc940e67bad8b689d3dc103b_JaffaCakes118
Size

60KB
MD5

71b654dafc940e67bad8b689d3dc103b
SHA1

6646948def7237382b8009ae87f48e18f3df1f1d
SHA256

d9a0f8f5bfbf08a72c3d4112c4fabe064921b9cc31738373f8718f9720dfd0d4
SHA512

2c7d9ab8c6955d7fb4c5ec769892c1f7f5a5932a8b7abff8253b04f2d89dc809bdbfff84b0bbb24c952879b844733032ad8bbb7458d3975e3cc504a524959c90
SSDEEP

768:tNtmVmCWVYAAiqbJ6IRH/q8sPK16ePWuMRrOq3Z5WM+cPZLhkY8DWCk58IC:TtOR/hRRfVseidOmpZIFLM8IC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71b654dafc940e67bad8b689d3dc103b_JaffaCakes118

Files

71b654dafc940e67bad8b689d3dc103b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

72ecb34589d14a62ab034e341776e8d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\wnkiJBtruBox\blmpomvvdteqyi\hctmoraMmezdr.pdb

Imports

msvcrt

vsprintf
iswprint
floor
fputs
_controlfp
__set_app_type
__p__fmode
fflush
sprintf
puts
ftell
perror
wcspbrk
mktime
__p__commode
localtime
_amsg_exit
wcscspn
isxdigit
exit
swscanf
fread
gmtime
isprint
_initterm
fprintf
memset
_ismbblead
_XcptFilter
_exit
swprintf
isalnum
_cexit
malloc
strpbrk
fgetc
wcstod
toupper
__setusermatherr
free
vswprintf
__getmainargs
wcscoll
setvbuf
fgets
fwrite
strerror
atol

shlwapi

PathIsUNCW

comdlg32

GetFileTitleW
ChooseColorW
CommDlgExtendedError
PrintDlgW
GetOpenFileNameA
PrintDlgExW

user32

DialogBoxParamW
ArrangeIconicWindows
RegisterClassW
GetMenuItemCount
IsChild
DialogBoxIndirectParamA
IsRectEmpty
DefDlgProcA
InvalidateRect
FillRect
GetWindowDC
SetWindowRgn
OpenInputDesktop
RegisterClassExW
InvertRect
SendNotifyMessageW
GetWindowLongA
UpdateWindow
GetForegroundWindow
EndDialog
TileWindows
GetMessageExtraInfo
GetCursorPos
ValidateRect
IntersectRect
InsertMenuItemW
SystemParametersInfoA
SetUserObjectInformationW
SetWindowTextA
SetScrollPos
CharNextA
EnableScrollBar
SetWindowPlacement
ToUnicodeEx
ShowCaret
CheckRadioButton
DrawStateA
CreateMenu
DrawTextA
LoadStringW
DestroyAcceleratorTable
CharToOemW
LoadIconW
PostThreadMessageW
GetShellWindow
PostQuitMessage
SendInput
PostMessageW
CallWindowProcA
CharToOemA
MonitorFromRect
CharUpperW
keybd_event
ScreenToClient
CreateDialogParamA
GetClassLongW
GetDoubleClickTime
FindWindowA
GetScrollPos
GetKeyboardLayoutList
SetDlgItemTextW
CreateIconFromResource
CheckMenuRadioItem
IsCharUpperA
GrayStringW
EndPaint
AttachThreadInput
SendDlgItemMessageA
UnloadKeyboardLayout
PostThreadMessageA
PeekMessageA
GetMenuStringW
IsCharAlphaNumericW
CharUpperBuffW
GetKeyboardLayoutNameW
GetParent
DestroyIcon
InSendMessage
DestroyWindow
CharNextW
SendMessageW
SetTimer
GetSubMenu
SetWindowPos
GetDialogBaseUnits
GetCaretPos
GetClassInfoExA
GetKeyboardLayout
GetDlgCtrlID
CopyRect
InvalidateRgn
BeginDeferWindowPos
GetMenuItemInfoW
AllowSetForegroundWindow
LoadStringA
wvsprintfW
GetSystemMenu
SetLastErrorEx
IsZoomed
GetSysColorBrush
MapWindowPoints
GetClassNameW
GetPropW
GetNextDlgGroupItem
SetRect
MonitorFromPoint
RegisterWindowMessageA
CreateWindowExA
GetMessageA
CreateWindowExW
MapVirtualKeyExW
SetDlgItemTextA
SetScrollInfo
FindWindowExW
CreateDialogParamW
DrawIconEx
DialogBoxParamA
CheckMenuItem
HideCaret
CharNextExA
TrackPopupMenu

kernel32

MapViewOfFile
GlobalAlloc
CompareFileTime
SetPriorityClass
FreeResource
lstrcpyW
GetModuleFileNameA
SetUnhandledExceptionFilter
OpenFileMappingA
LoadLibraryExA
SetErrorMode
FileTimeToSystemTime
GlobalReAlloc
GetComputerNameExW
CopyFileA
RaiseException
TerminateThread
LCMapStringW
OpenFileMappingW
HeapFree
lstrcpynW
DisconnectNamedPipe
WinExec
HeapValidate
FindClose
SetCommTimeouts
ExitThread
GetStdHandle
UnlockFile
GetCurrentThread
GetThreadPriority
SetThreadExecutionState
GetSystemWindowsDirectoryA
SetSystemTimeAdjustment
OpenEventW
IsValidLocale
GetFileAttributesExA
lstrcpyA
GetFileTime
HeapReAlloc
GetFileType
CancelIo
ReleaseSemaphore
GetSystemTimeAsFileTime
GetSystemDefaultUILanguage
SetThreadPriority
UnmapViewOfFile
SetMailslotInfo
RegisterWaitForSingleObject
CreateEventA
SetupComm
WaitForMultipleObjects
AddAtomW
ConnectNamedPipe
CallNamedPipeW
SetCommMask

Exports

Exports

?OwnerInitDescriptor@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ntrs
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72ecb34589d14a62ab034e341776e8d7

Headers

File Characteristics

PDB Paths

Imports

msvcrt

shlwapi

comdlg32

user32

kernel32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 89B

.ntrs Size: 1024B - Virtual size: 592B

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 89B

.ntrs
Size: 1024B - Virtual size: 592B

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 1KB