6ee0da96633ffb71c10c58282bbcc36a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6ee0da96633ffb71c10c58282bbcc36a_JaffaCakes118
Size

219KB
MD5

6ee0da96633ffb71c10c58282bbcc36a
SHA1

16fef43e89eda632251b1d5aa3e5aac1916702b4
SHA256

714eb940f1cc1735d4291e012b065c220424ce6fdc7ff5bb9dd88535b180a1a7
SHA512

b1694e20535d25062a348bae1afdcd3e1281c21b381e67ccbaff913c9f091b176e2da68d25b1f564796b70f90225a1e1508ad72a2ac322564ea0acb79284e43a
SSDEEP

6144:yxamAKg7NV5oPBlcN6v/xlantb9KxDbn/l0:7N5+Pzhv/etcB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ee0da96633ffb71c10c58282bbcc36a_JaffaCakes118

Files

6ee0da96633ffb71c10c58282bbcc36a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d7c87e26eac8d3281b9c510ce0c8b606

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\zxLcvfeMe\dslwjgr\LhuDZdueb\UernGyumqkco\xQSyjToqZi.pdb

Imports

psapi

GetProcessImageFileNameA

msvcrt

wcstok
wcstol
_controlfp
wcsncpy
strstr
strerror
strpbrk
strspn
iswdigit
__set_app_type
iswspace
wcsstr
wcschr
wcslen
__p__fmode
sscanf
puts
__p__commode
fseek
_amsg_exit
wcscpy
remove
bsearch
toupper
_initterm
_ismbblead
getc
wcscmp
_XcptFilter
_exit
isalpha
rand
wcscspn
mktime
system
isprint
_cexit
wcstombs
setvbuf
qsort
putc
__setusermatherr
__getmainargs
isspace

kernel32

GetVersionExW
FindResourceW
FileTimeToSystemTime
GetModuleFileNameA
VerifyVersionInfoW
GetProcessHeap
HeapFree
GetACP
GetFileInformationByHandle
CreateDirectoryW
HeapCreate
LocalReAlloc
FormatMessageW
GetStartupInfoA
ConnectNamedPipe
GetTempFileNameA
HeapAlloc
MulDiv
OpenEventW
SetLocalTime
WaitForSingleObjectEx
SetCommTimeouts
LoadResource
GetDateFormatW
ConvertDefaultLocale
HeapWalk
GetUserDefaultUILanguage
GetStringTypeExW
IsValidLocale
GetCommProperties
GetNumberFormatW
lstrcmpiA
GlobalSize
SetFileTime
SetCommMask
SetHandleInformation
GetExitCodeThread
LocalUnlock
DefineDosDeviceW
ClearCommError
GetSystemDefaultLangID
EnterCriticalSection
GetComputerNameExW
lstrcmpW
CreateEventW
HeapReAlloc
GetLongPathNameW
GetFileTime
FreeResource
GlobalDeleteAtom
lstrcatW
DeleteFileA
TransactNamedPipe
SetCommBreak
GetSystemWindowsDirectoryW
GetFileSize

gdi32

OffsetViewportOrgEx
PolyBezier
GetROP2
CreateCompatibleBitmap
GetTextAlign
CreateDCW
CreatePenIndirect
RealizePalette
GetTextCharsetInfo
ExtTextOutA
GetNearestColor
CombineRgn
EndDoc
OffsetRgn
CreatePen
DeleteObject
SetTextColor
IntersectClipRect
GetSystemPaletteEntries
ExtTextOutW
CreateRoundRectRgn
GetDIBColorTable
SetWindowExtEx
SetStretchBltMode
RectVisible
Polyline
SetBitmapDimensionEx
MoveToEx
StretchDIBits
GetBkMode
CreateRectRgnIndirect
GetPaletteEntries
GetCurrentObject
DPtoLP
GetTextExtentPointA
GetTextExtentPoint32A
CreateFontW
RoundRect
LineDDA
SetDIBColorTable
SelectClipRgn
CreateHalftonePalette
DeleteDC
GetRgnBox
CreateCompatibleDC
BitBlt
GetTextMetricsA

user32

ToUnicodeEx
GetWindowPlacement
GetClassInfoA
CallWindowProcA
DestroyCursor
GetMenuStringW
EqualRect
GetUpdateRgn
GetKeyboardType
IsWindowUnicode
IsWindowVisible
ShowCursor
InsertMenuA
GetDialogBaseUnits
LoadBitmapA
SendMessageTimeoutA
SendDlgItemMessageW
DrawMenuBar
SendMessageA
ReplyMessage
GetDlgItemInt
GetSysColorBrush
GetMessageA
InsertMenuItemW
EnumWindows
CopyRect
CheckMenuRadioItem
GetClassInfoW
OemToCharBuffA
GetMessageTime
DefFrameProcA
DefWindowProcA
TrackPopupMenuEx
FindWindowW
SwitchToThisWindow
TranslateAcceleratorA
IsMenu
SetUserObjectInformationW
LoadCursorA
IsIconic
SetDlgItemTextW
InvalidateRect
GetClassInfoExA
CopyImage
GetScrollPos
SetRect
GetMenuState
CharLowerW
FillRect
RemovePropW
SetClassLongW
GetWindowTextA
SetMenuDefaultItem
CreateDialogIndirectParamW
PostThreadMessageA
ShowWindowAsync
GetMenuItemInfoW
SetWindowLongA
GrayStringW
SetMenuItemInfoW
wsprintfW
CharLowerA
CharToOemW
DialogBoxIndirectParamA
CharToOemBuffA
DestroyWindow
IsCharAlphaNumericW
ReleaseDC
ClientToScreen
TileWindows
SetDlgItemTextA
DeferWindowPos
ShowOwnedPopups
SetMenuItemBitmaps
IsCharUpperA
GetActiveWindow
GetDoubleClickTime
SetWindowPos
InvalidateRgn
EndDialog
FindWindowExA
GetWindowTextW
MessageBoxW
MapVirtualKeyW
SetLastErrorEx
MessageBoxExA
GetMenuCheckMarkDimensions
SendMessageTimeoutW
SetMenu
DialogBoxIndirectParamW
ChildWindowFromPoint
MapWindowPoints
DialogBoxParamW
SystemParametersInfoW
GetMenuItemCount
FindWindowExW
PostMessageW
SwapMouseButton
SetSysColors
PeekMessageW
DialogBoxParamA
GetKeyState
GetDCEx
ShowCaret
HiliteMenuItem
GetMenuItemID
ShowScrollBar
SetWindowLongW
wvsprintfA
LoadStringW
CharLowerBuffW
TranslateAcceleratorW

Exports

Exports

?IncrementScreenW@@YGX_NPAG]A
?IsNotValueNew@@YGGJE]A
?CloseFolderPathEx@@YGJPANHF]A
?IsProcessOld@@YG_NGPAFKG]A
?CrtMutexOld@@YGGPA_NPAMGPA_N]A
?HideName@@YG_NEPAJ_ND]A
?GenerateVersionA@@YGPAGE]A
?ModifyClass@@YGHPAMEJ]A
?GetSystemExW@@YGPAHIGHH]A
?FormatKeyNameOriginal@@YGHG]A
?IsValidConfigNew@@YGFIDPAI]A
?DecrementAppNameA@@YGPAJPAIN]A
?FormatTaskExW@@YGPAEMM_N]A
?PutSemaphoreExA@@YGPAXPAIPAGPAF]A
?FindSemaphoreA@@YGEPAGPAM]A
?KillThreadExW@@YGXPAEIPAGK]A
?SendVersion@@YGPAEFPAJ]A
?RtlSection@@YGXPANGJ]A
?DecrementPointerExA@@YGJPAJE]A
?CrtFunctionExA@@YGPAFINF]A
?DecrementListW@@YGEDPAFPAFPAH]A
?IsTimerOriginal@@YGKDPAH_N]A
?FindMutex@@YGMMPAF]A
?ShowSemaphoreExW@@YGXPAN]A
?GenerateSystemExA@@YGNPAIM]A
?IsValidModuleA@@YGXPAGJPAH]A
?GlobalDeviceExA@@YGJIPAGPAK]A
?FindListEx@@YGDFPAKPAE]A
?AddSemaphoreEx@@YGKNH]A
?RemoveExpressionOld@@YGJGKKE]A
?RtlDirectoryExW@@YGPAXMKPAN]A
?FindWindowEx@@YGPAFPAKPAGH]A
?ShowDateTime@@YGJPAJ]A
?RemoveMemoryExA@@YGPAJHPA_N]A

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7c87e26eac8d3281b9c510ce0c8b606

Headers

File Characteristics

PDB Paths

Imports

psapi

msvcrt

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 191KB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 192KB - Virtual size: 191KB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB