7077c94000233845fb9e82b97c1660cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7077c94000233845fb9e82b97c1660cb_JaffaCakes118
Size

223KB
MD5

7077c94000233845fb9e82b97c1660cb
SHA1

b4256106b4fed804d19dcda75636068088be539d
SHA256

da806422b1ca7f8b39bbb24439d9e546eed6eae9f5977994b2c851852ad7b507
SHA512

2126b8ebf2220b690daee537cc6f310dda61c624b9a9613d137e1e1f6d3fab665cb8992cc753a7ca688e3a88b6426b3a7c46e3cad36c14b7eef4264a89c8ac2c
SSDEEP

6144:ThqpaWV78Hj11v1e3UOuv9Xps7Blwkk7OD:TsQowD11g37MpQBE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7077c94000233845fb9e82b97c1660cb_JaffaCakes118

Files

7077c94000233845fb9e82b97c1660cb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e15a94b8f612e12640fd12ca5f028838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\LmbpeDbmZ\pdlohuagdigT\zSswdfcy.pdb

Imports

comctl32

ImageList_Destroy
DestroyPropertySheetPage
ImageList_GetIconSize
PropertySheetA
ImageList_SetIconSize
CreatePropertySheetPageW

msvcrt

wcscoll
_controlfp
sscanf
vswprintf
wcstombs
islower
realloc
__set_app_type
__p__fmode
putchar
remove
srand
__p__commode
fflush
wcscpy
_amsg_exit
fgets
isdigit
bsearch
fgetc
_initterm
swprintf
iswalpha
time
_acmdln
wcsncmp
exit
fread
toupper
malloc
_ismbblead
strncmp
_XcptFilter
isprint
getc
strcoll
_exit
puts
_cexit
__setusermatherr
__getmainargs
qsort
wcstoul
clock
strchr
wcstok

user32

CharLowerBuffW
GetMenuItemCount
FrameRect
MapWindowPoints
SetMenuDefaultItem
UpdateWindow
DestroyIcon
MonitorFromPoint
GetDesktopWindow
CallWindowProcW
CharUpperA
RemoveMenu
DrawTextExW
OpenInputDesktop
GetClientRect
GetCursorPos
ScreenToClient
RegisterWindowMessageW
GetDialogBaseUnits
GetWindowPlacement
GetMessageExtraInfo
CreateWindowExW
CharToOemBuffA
LoadAcceleratorsW
CharNextW
GetMenu
DrawStateW
DispatchMessageA
SetDlgItemTextW
SetScrollInfo
wsprintfW
GetWindowLongA
CallWindowProcA
SetDlgItemTextA
GetSysColorBrush
GetMenuStringA
GetWindowTextA
AppendMenuW
wsprintfA
SendMessageTimeoutW
GetCaretPos
SendInput
MapVirtualKeyW
GetClassInfoA
IsZoomed
PtInRect
RegisterClassExW
BringWindowToTop
MapVirtualKeyA
LoadIconA
CharPrevW
GetFocus
IsWindowEnabled
GetLastActivePopup
ScrollWindowEx
DispatchMessageW
SetWindowTextW
GetTopWindow
InSendMessage
GetMessageTime
PeekMessageW
SetSysColors
SetWindowLongA
EnableScrollBar
InsertMenuItemW
GetUserObjectInformationW
ShowCaret
TileWindows
RegisterHotKey
ShowWindowAsync
ScrollWindow
CharUpperBuffW
GetDC
IsMenu
GetKeyboardLayoutList
GetMenuItemInfoW
GetWindowRect
CharPrevA
CharLowerA
DrawMenuBar
GetKeyboardType
GetKeyState
InvertRect
LoadBitmapW
CharNextExA
BeginPaint
CharUpperBuffA
FindWindowA
keybd_event
IsWindowUnicode
FindWindowExA
SendMessageA
DialogBoxParamA
GetMonitorInfoW
GetWindow
GetMenuStringW
DeleteMenu
CreateMenu
GetNextDlgGroupItem
GetDCEx
ChildWindowFromPoint
SetClassLongW
CreateDialogParamW
CreateWindowExA
GetWindowTextLengthW
EndDialog
LoadBitmapA
GetKeyNameTextW

gdi32

GetWindowOrgEx
GetTextMetricsW
SetRectRgn
ExtTextOutA
ExtFloodFill
SetDIBits
CreateCompatibleDC
StretchDIBits
GetTextExtentPoint32W
WidenPath
SetBkMode
ResizePalette
GetCharWidth32W
Polyline
CreateFontIndirectA
CreateFontW
ExtTextOutW
SetStretchBltMode
StartPage
CreateBrushIndirect
GetROP2
SetPixel
GetObjectA
SelectPalette
CombineRgn
CreatePenIndirect
SetBkColor
SetViewportExtEx
GetTextCharsetInfo
DPtoLP
SetDIBitsToDevice
SetTextAlign
CreateCompatibleBitmap
SetViewportOrgEx
CreateEllipticRgnIndirect
GetTextExtentPoint32A
PathToRegion
CreateDCW
TextOutW
EnumFontsW
CreateBitmapIndirect
GetViewportOrgEx
FillRgn
GetStockObject

kernel32

DeleteFileW
GetLastError
CreateThread
PulseEvent
HeapCreate
GetSystemTimeAdjustment
AreFileApisANSI
GetWindowsDirectoryW
GlobalHandle
CreateDirectoryW
GlobalReAlloc
GetSystemDefaultLangID
VirtualFree
SetFileApisToOEM
GetFileAttributesExA
HeapValidate
GetCommConfig
GetUserDefaultLangID
CreateMailslotW
CreateEventW
GetFullPathNameA
ReleaseMutex
SetFilePointer
IsDBCSLeadByte
GetComputerNameExA
lstrcpynA
AddAtomA
GlobalAddAtomA
GetCurrentThread
GetExitCodeProcess
GlobalFindAtomW
GetCurrentProcessId
lstrcmpW
EnterCriticalSection
TryEnterCriticalSection
QueryDosDeviceW
GetCommProperties
lstrcmpiW
GlobalUnlock
GetUserDefaultLCID
OpenProcess
DuplicateHandle
ReadConsoleInputW
CreateFileW
GetTempFileNameW
GetModuleHandleA
GetThreadContext
WideCharToMultiByte
GetTempPathA
DeleteAtom
SuspendThread
HeapUnlock
FindNextFileA
TlsGetValue
OpenFileMappingW

Exports

Exports

?CloseSystem@@YGHKPAEG~U
?CallCharW@@YGGMPAD~U
?PutMonitorEx@@YGPAXPAIJ~U
?FindMemoryExA@@YGPAXGPAK~U
?IncrementObjectOriginal@@YGIEPAIPAN~U
?SetCommandLineOriginal@@YGGPAIMD~U
?KillRectOriginal@@YGJPAI_N~U
?InvalidateWindowInfoOriginal@@YGMPAFDG~U
?RtlWindowInfoOld@@YGPAXDI~U
?InstallTaskNew@@YGDD~U
?InstallMediaTypeW@@YGHMJ~U
?OnAppNameExA@@YGI_N~U
?IncrementDeviceOriginal@@YGPAHI~U
?ModifyTimeA@@YGPAFMDPAD~U
?LoadKeyNameOld@@YG_NFN~U
?EnumWidthW@@YGPAIMK~U
?LoadSemaphoreOriginal@@YGPAX_NIPA_N~U
?CloseThreadNew@@YGGIPAK~U
?GlobalFilePathNew@@YGPA_N_NHE_N~U
?InstallThreadA@@YGPAMH~U
?CloseProjectNew@@YGEPAD~U
?FormatFolderPathNew@@YGX_NH~U
?FreeTextOriginal@@YGGHEPAH~U
?CallFilePathW@@YGPAFFHEPAI~U
?DeleteProfile@@YGFPAM~U
?ModifyDataEx@@YGPAFPAHKPAG~U
?GetProvider@@YGKK~U
?KillMutex@@YGXPAIJ~U
?CopyVersion@@YGFIPAJPADPAH~U
?DeleteNameOld@@YGPADHNPAE~U
?CallProcess@@YGPAHPAKPAK~U
?ShowProjectOld@@YGPADDPAM~U
?FindMemoryExW@@YGD_NEII~U
?IsKeyNameOld@@YGXPADEPAGPAK~U
?CrtScreenExW@@YGPAEPAMJPAI~U
?DecrementString@@YGPAEHJ~U
?GetHeight@@YGPAJPAHPAHPAI~U
?DeleteScreenW@@YGII~U
?GeneratePointerEx@@YGMHD~U

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bitdat2
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat0
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e15a94b8f612e12640fd12ca5f028838

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 194KB - Virtual size: 193KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 2KB - Virtual size: 1KB

.bitdat2 Size: 512B - Virtual size: 32B

.bitdat0 Size: 512B - Virtual size: 32B

.bitdat1 Size: 5KB - Virtual size: 5KB

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 926B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 194KB - Virtual size: 193KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 2KB - Virtual size: 1KB

.bitdat2
Size: 512B - Virtual size: 32B

.bitdat0
Size: 512B - Virtual size: 32B

.bitdat1
Size: 5KB - Virtual size: 5KB

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 926B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB