6f8311ef6affe0c37322ba44bb8449f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6f8311ef6affe0c37322ba44bb8449f9_JaffaCakes118
Size

200KB
MD5

6f8311ef6affe0c37322ba44bb8449f9
SHA1

13b04003957afec4b23cd3ec98063948f498f45f
SHA256

168d6409e225427a7fc9a0b24dc4f1f78b5c1ab2a14e91a583d81d36766f5b08
SHA512

0bb585704fc25a0152304708a91fee74872f8eee63ec2dcc4b2cd7efa8cbb535b48c39e0136d6f643df03e9a00a145f30a0881163ebeb99efefaa61b94d7706f
SSDEEP

6144:sh/RpOxfeZk31/w4a55BwpW9RoE2X3QFKYds:sNyBee3mT/Sp+qiK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f8311ef6affe0c37322ba44bb8449f9_JaffaCakes118

Files

6f8311ef6affe0c37322ba44bb8449f9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dcb5ffd88435acce0154a114f966d383

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\pWzdeRxlsz\gBmSIvChnylnJ\awyzpNDqoschy.pdb

Imports

shlwapi

UrlIsA

comctl32

ImageList_Remove
CreateStatusWindowW
PropertySheetW
CreateToolbarEx
ImageList_GetIconSize
ImageList_GetIcon

msvcrt

_controlfp
putc
atoi
mbtowc
exit
setvbuf
__set_app_type
isspace
perror
wcsrchr
putchar
wcstok
wcslen
__p__fmode
tolower
fread
__p__commode
mktime
swscanf
_amsg_exit
gmtime
isprint
strrchr
iswspace
getc
_initterm
fwrite
_ismbblead
towlower
_XcptFilter
_exit
fflush
fprintf
fgets
iswctype
strcpy
wcscpy
floor
_cexit
iswdigit
wcsstr
calloc
puts
__setusermatherr
strstr
fseek
__getmainargs

kernel32

ExitThread
lstrcatA
GetModuleFileNameA
GetOverlappedResult
CompareStringA
WinExec
GetCommandLineA
GlobalUnlock
GetSystemDefaultUILanguage
CopyFileW
LoadLibraryExA
lstrcatW
SetWaitableTimer
FindClose
GlobalAddAtomW
GetModuleHandleW
GetModuleHandleA
LocalReAlloc
HeapLock
GetCurrentThread
SetHandleInformation
SetupComm
ClearCommBreak
LoadLibraryExW
GetTempPathW
GetUserDefaultUILanguage
GetFileSize
CreateNamedPipeA
HeapCreate
HeapFree
GetTempFileNameW
SetMailslotInfo
FindResourceW
MapViewOfFile
FreeLibrary
UnhandledExceptionFilter
HeapWalk
CreateMailslotW
OpenFileMappingW
IsBadReadPtr
lstrcpyA
DeleteCriticalSection
GetThreadTimes
UnlockFile
GetThreadPriority
LeaveCriticalSection
GetCommModemStatus
GetThreadLocale
HeapAlloc
SetCommTimeouts
SizeofResource
IsBadWritePtr
GetTickCount
OpenFile
CallNamedPipeW
GetProcessHeap
LoadResource
Sleep
LocalUnlock

user32

GetMenuItemRect
SendNotifyMessageW
GetNextDlgGroupItem
GetMenuItemInfoW
TrackPopupMenu
CharToOemW
CharPrevW
SendMessageTimeoutA
TrackPopupMenuEx
GetClassLongW
EnumWindows
CreatePopupMenu
DialogBoxParamA
InSendMessageEx
PeekMessageA
ShowScrollBar
SetScrollInfo
SetDlgItemInt
SetWindowLongW
KillTimer
GetMessageW
DialogBoxParamW
ToUnicodeEx
LoadIconW
SetDlgItemTextA
WaitForInputIdle
MapWindowPoints
GetShellWindow
SetFocus
ChangeMenuW
DrawStateW
LoadImageW
EndPaint
ClientToScreen
SwitchToThisWindow
CallWindowProcW
CopyAcceleratorTableW
CreateMenu
GetClipCursor
AllowSetForegroundWindow
DispatchMessageW
GetActiveWindow
SendMessageW
SetActiveWindow
SystemParametersInfoA
GetNextDlgTabItem
MessageBoxExA
SetRectEmpty
DeferWindowPos
CopyImage
IntersectRect
GetIconInfo
CharUpperBuffA
GetLastActivePopup
keybd_event
ShowWindowAsync
DestroyAcceleratorTable
TranslateAcceleratorW
MonitorFromPoint
RegisterHotKey
SetWindowTextW
GetAltTabInfoA
PostThreadMessageA
ArrangeIconicWindows
GetSysColorBrush
MonitorFromRect
IsIconic
IsCharAlphaW
ActivateKeyboardLayout
HiliteMenuItem
LoadMenuA
DestroyMenu
IsChild
EnumChildWindows
GetClassInfoW
GetKeyState
mouse_event
GetWindowDC
ChildWindowFromPoint
DrawTextA
LoadBitmapA
CharLowerBuffW
CharUpperA
IsDialogMessageW
SendDlgItemMessageA
SetDlgItemTextW
CheckMenuItem
PostMessageW
CharPrevA
IsZoomed
SendDlgItemMessageW
WindowFromPoint
FrameRect
RegisterClassExW
GetKeyNameTextW
GetDoubleClickTime
CreateWindowExW
SystemParametersInfoW
GetParent
TranslateAcceleratorA
GetAsyncKeyState
CloseDesktop
DrawFocusRect
GetScrollRange
CreateAcceleratorTableW
DefWindowProcA
ChildWindowFromPointEx
GrayStringW
GetKeyboardLayoutNameW
RegisterWindowMessageW
ScrollWindow
DragObject
SetMenu
EnumThreadWindows
LoadImageA
DrawFrameControl
GetMenuCheckMarkDimensions
LoadBitmapW
IsWindow

Exports

Exports

?BinaryRedirectNetDYuyhDBH@@YGKGE[D

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcb5ffd88435acce0154a114f966d383

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comctl32

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 368KB

.rsrc Size: 168KB - Virtual size: 168KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 368KB

.rsrc
Size: 168KB - Virtual size: 168KB

.reloc
Size: 1KB - Virtual size: 1KB