70d5da105c06622d577c758b9aa1f67a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70d5da105c06622d577c758b9aa1f67a_JaffaCakes118
Size

56KB
MD5

70d5da105c06622d577c758b9aa1f67a
SHA1

bbc6dbe204e0a27b1219f09e1bb12a31d7a556bd
SHA256

b538e79db58ad4bf76765521eef7001ab35665e54f6875843872f92dc21f8883
SHA512

e0c0782a08e43c6656ba0c722874c091a09ddcaa2f0873687a408dbc09ef91a36be3eb2455f6aec9294027eaf6d0abbabfbbeec953f8ff7ef0b90e8ec36de9cf
SSDEEP

1536:mkwPHpnA+sjWo2sUvcWc3wRazE/iWCbRZsi:aPoWo2sUvE3etiWCzsi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70d5da105c06622d577c758b9aa1f67a_JaffaCakes118

Files

70d5da105c06622d577c758b9aa1f67a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

16e5c485aabc3e9f7bcbf3c48a8c80bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\jrolcHAdakBi\vwgCwTuzvmh\axjCejkf.pdb

Imports

user32

SendDlgItemMessageW
IsDialogMessageW
WindowFromPoint
RegisterClassW
LoadAcceleratorsW
GetLastActivePopup
SetDlgItemTextW
AdjustWindowRect
IsIconic
GetMenuItemCount
EnumThreadWindows
ModifyMenuW
RegisterWindowMessageW
InternalGetWindowText
LoadImageA
LoadImageW
CharPrevA
DestroyAcceleratorTable
SendMessageW
LoadStringW
GetDlgItemTextW
DrawIconEx
GetClientRect
GetWindowRect
GetMessageExtraInfo
MapDialogRect
ScrollWindow
CharLowerW
DrawMenuBar
GetClipCursor
SetMenu
GetCaretPos
OffsetRect
IsRectEmpty
GetDlgItemTextA
GetTopWindow
CheckRadioButton
DialogBoxParamA
CopyRect
SystemParametersInfoA
LoadMenuW
GetDlgItemInt
CreateDialogIndirectParamW
TrackPopupMenuEx
FrameRect
GetMenuCheckMarkDimensions
CharUpperBuffW
DrawEdge
RemovePropW
LoadStringA
IsWindowEnabled
CallWindowProcA
DeleteMenu
DeferWindowPos
MoveWindow
ShowOwnedPopups
GetSystemMenu
CreateAcceleratorTableW
InSendMessageEx
GetMessagePos
CreateWindowExA
SetWindowPlacement
TranslateAcceleratorA
FillRect
wsprintfA
GetUserObjectInformationA
GetDialogBaseUnits
EnumWindows
InsertMenuW
AppendMenuA
GetUpdateRect
GetClassLongA
GetDlgItem
GetMenuItemID
InvertRect
GetIconInfo
DestroyCaret
ScrollWindowEx
GetClassInfoA
GetWindowTextW
SetCursorPos
SetWindowRgn
IsMenu
CascadeWindows
SetParent
MessageBoxW
DrawStateA
GetAsyncKeyState
GetScrollInfo
GetSysColor
ScreenToClient
SetCaretPos
AppendMenuW
wvsprintfA
GetKeyNameTextW
DragObject
DrawTextW
keybd_event
AdjustWindowRectEx
FindWindowA
SetScrollInfo
GetKeyboardLayoutNameW
GetClassInfoExW
GetNextDlgTabItem
DefDlgProcA
LoadBitmapW
RegisterHotKey
PostThreadMessageA
LoadIconW
GetMenuItemInfoW
EqualRect
OpenIcon
wvsprintfW
GetWindowDC
GetKeyboardType
GetForegroundWindow
CopyImage
GetMenuStringA
CharLowerBuffW
DispatchMessageA

msvcrt

wcscspn
floor
isprint
isdigit
strtok
wcstol
_controlfp
gets
fgets
vsprintf
getc
wcsncmp
remove
wcspbrk
__set_app_type
wcscmp
__p__fmode
__p__commode
qsort
_amsg_exit
perror
_initterm
rand
_ismbblead
iswspace
_XcptFilter
free
swprintf
towlower
fgetc
isalnum
toupper
_exit
fflush
wcstod
wcstok
strtoul
sprintf
fputc
fread
strncmp
_cexit
__setusermatherr
__getmainargs
iswprint
wcsncpy
atol

shlwapi

StrToIntW

kernel32

GlobalAddAtomW
GetLocalTime
EscapeCommFunction
LoadLibraryA
GetAtomNameA
FileTimeToLocalFileTime
GetSystemDirectoryA
GetProcAddress
GetWindowsDirectoryW
GetFullPathNameW
GetFileType
IsBadReadPtr
SearchPathA
VirtualProtect
SetLastError
GlobalReAlloc
GetComputerNameExA
FindNextChangeNotification
FormatMessageA
GetVersion
FindNextFileW
SetFileAttributesW
GetFileInformationByHandle
HeapSize
GetCurrentDirectoryW
GetCommProperties
HeapFree
GetFileSize
lstrcpyA
GlobalMemoryStatus
WinExec
WaitCommEvent
FlushViewOfFile
HeapWalk
SetCurrentDirectoryA
QueryPerformanceCounter
GetFileAttributesA
MulDiv
GetCurrentThread
GlobalDeleteAtom
HeapLock
TlsSetValue
RegisterWaitForSingleObject
CloseHandle
SetMailslotInfo
IsValidLanguageGroup
lstrcpynW
FindFirstChangeNotificationW
WaitForSingleObject
SetWaitableTimer
EnumResourceLanguagesA
MoveFileW
SetCommMask
RemoveDirectoryW

Exports

Exports

?Extract_Options@@YGK_KHE:O

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.feed
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16e5c485aabc3e9f7bcbf3c48a8c80bc

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.idata Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 134B

.feed Size: 512B - Virtual size: 128B

.data Size: 2KB - Virtual size: 23KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.idata
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 134B

.feed
Size: 512B - Virtual size: 128B

.data
Size: 2KB - Virtual size: 23KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 1KB - Virtual size: 1KB