762e667a28a9d7bb158b1a5ded26b9c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

762e667a28a9d7bb158b1a5ded26b9c3_JaffaCakes118
Size

218KB
MD5

762e667a28a9d7bb158b1a5ded26b9c3
SHA1

030976214eb95cc2caa9973516e641f513980d8d
SHA256

eca4d7763c9556c089fe827d1382ad6b83817ea12fe025881c040ca1057f9094
SHA512

18489c8debf9d9e3d450980bb1b346456eb40f508d4174079970a8e6263b28577986a697767e399e56471196783bbaa05075c47e3a08711494ec8ab02cb4ba70
SSDEEP

6144:T/eG8YTRrVdSk7O8q7Hk/zOFDarkQbI1wo98E0:ThlrVvw7Hk0arkQU1woP0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
762e667a28a9d7bb158b1a5ded26b9c3_JaffaCakes118

Files

762e667a28a9d7bb158b1a5ded26b9c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8268dbb60d9d2dfbcc65c4ae1819ecf7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\nyKqdfkybBj\Hrsywuzajswsfs\hTkatMzwrqc\hiIjaKwOjeIurg\nwDuGqnd.pdb

Imports

gdi32

RealizePalette
CreateCompatibleDC
SetViewportExtEx
CreateHatchBrush
CreateICW
ExtTextOutW
CreateFontIndirectW
CreateBitmap
GetTextExtentPointA
SetBrushOrgEx
SetTextColor
EndPage
SelectObject
SetDIBitsToDevice
CreateHalftonePalette
DPtoLP
GetNearestPaletteIndex
GetPixel
GetPaletteEntries
Rectangle
SetRectRgn
SelectClipRgn
WidenPath
CreateCompatibleBitmap
CreateFontA
OffsetViewportOrgEx
SetLayout
GetTextCharsetInfo
CreatePalette
SetAbortProc
GetROP2
StretchBlt
GetTextAlign
GetBitmapBits
RectInRegion
AddFontResourceW
SetViewportOrgEx
GetClipBox
EnumFontsW
LPtoDP
SetMapMode
CreateRectRgn
CombineRgn
GetBkMode
PathToRegion
GetSystemPaletteUse
CreateRoundRectRgn

msvcrt

_controlfp
isspace
fflush
__set_app_type
fgetc
srand
wcscpy
__p__fmode
__p__commode
vswprintf
fread
calloc
fputs
wcschr
clearerr
_amsg_exit
sprintf
setlocale
_initterm
_acmdln
qsort
isupper
strpbrk
iswspace
exit
gets
_ismbblead
rand
fseek
tolower
iswdigit
atol
_XcptFilter
isalnum
_exit
islower
_cexit
fputc
__setusermatherr
perror
isalpha
wcstod
__getmainargs
isdigit
swprintf
wcstombs

kernel32

CopyFileA
GetFullPathNameW
SizeofResource
GetModuleHandleW
GetBinaryTypeW
GetVersionExA
GetFileAttributesW
lstrlenW
CompareStringW
QueryPerformanceCounter
SetMailslotInfo
TlsFree
FindFirstFileW
DeleteFileW
WideCharToMultiByte
SetCommMask
EnumResourceNamesA
lstrcpynA
GetCommModemStatus
ReadConsoleInputW
GetAtomNameA
AddAtomA
MoveFileA
SetCommState
TlsGetValue
GetCurrentProcessId
SetUnhandledExceptionFilter
FreeLibrary
WaitForSingleObject
TransactNamedPipe
ExitThread
GetShortPathNameA
LocalLock
GetPriorityClass
GetSystemTime
RemoveDirectoryA
LocalReAlloc
GetFileInformationByHandle
CreateSemaphoreW
RtlUnwind
GetStartupInfoW
GetLocaleInfoW
EnumSystemLocalesA
CreateEventA
UnmapViewOfFile
SetHandleCount
GlobalAddAtomW
HeapCreate
SetFileTime
FindFirstChangeNotificationW
GetFileAttributesExA
CompareStringA

user32

CharNextExA
DrawTextExW
FindWindowExA
LookupIconIdFromDirectory
LoadBitmapW
SetWindowPlacement
GetWindowPlacement
DrawAnimatedRects
DefWindowProcW
ArrangeIconicWindows
SetScrollInfo
GetMenuCheckMarkDimensions
ActivateKeyboardLayout
GetSysColorBrush
PostMessageW
ClipCursor
EndDialog
ReplyMessage
IsWindowUnicode
CharUpperBuffW
PtInRect
RegisterClassA
GetWindowLongA
MapVirtualKeyW
InsertMenuW
LoadImageA
SetRectEmpty
WaitForInputIdle
MessageBoxA
ToUnicodeEx
EndPaint
SetMenuDefaultItem
OffsetRect
IsDialogMessageW
ScrollWindowEx
MessageBoxW
DeleteMenu
CreatePopupMenu
PostMessageA
PostThreadMessageW
SetTimer
GetClassInfoW
wsprintfW
CheckRadioButton
GetDlgCtrlID
DrawFrameControl
ShowWindow
DestroyCaret
GetClassNameW
CharLowerA
GetKeyNameTextW
KillTimer
SystemParametersInfoA
TranslateMessage
SetMenuItemBitmaps
IsCharAlphaNumericW
CloseDesktop
UpdateWindow
IsWindowVisible
SetWindowTextA
SendMessageTimeoutA
GetActiveWindow
GetScrollRange
IsMenu
GetMonitorInfoW
GetCaretPos
SendInput
InSendMessage
LoadStringA
CreateWindowExA
SetMenuItemInfoW
MoveWindow
TranslateAcceleratorA
wsprintfA
CharNextA
GetDesktopWindow
IsCharAlphaW
PostQuitMessage
ChangeMenuW
GetLastActivePopup
FindWindowW
ChildWindowFromPointEx
RedrawWindow
IsDialogMessageA
RemovePropW
SendDlgItemMessageW
LoadIconA
GetKeyboardLayoutNameW
SendMessageA
SetDlgItemTextW
ShowScrollBar
DefFrameProcW
SetMenu
LockWindowUpdate
LoadImageW
SendMessageW
BeginDeferWindowPos
GetTopWindow
GetMenu
keybd_event
HideCaret
DialogBoxParamW
ShowCaret
SetScrollRange
SetRect
CharUpperBuffA
InSendMessageEx
ClientToScreen
GetKeyState
ScreenToClient
GetParent

comdlg32

GetSaveFileNameW
GetOpenFileNameW
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
PrintDlgExW

Exports

Exports

?IsNotProjectOld@@YGPAJIJ&U
?GenerateMonitorExW@@YGPAII&U
?InstallSize@@YGDFPAF&U
?IncrementCommandLineOriginal@@YGPAM_N&U
?ShowHeaderNew@@YGXPAMN&U
?InvalidateProcessNew@@YGPAINKI&U
?EnumHeaderOriginal@@YGEFPADHE&U
?IsDialogA@@YGF_N&U
?CallMutantW@@YGPAHPAEK&U
?HideDateTimeExA@@YG_NMPANH&U
?GenerateScreenEx@@YGPAKE&U
?ModifyFolder@@YGGF&U
?AddPenEx@@YGFMPAHEPAM&U
?LoadDateTimeEx@@YGEDE&U
?CancelKeyNameOriginal@@YGEI_N&U
?IncrementComponentExA@@YGHJI&U
?GetKeyboardEx@@YGEPAMPANM&U
?ProfileOld@@YGKG&U
?CallPointEx@@YGPAXGMM&U
?CrtPointW@@YGJG&U
?CloseFileNew@@YGPAGH&U
?ModifyProcessOriginal@@YGDPAKMF&U
?KillProviderW@@YGEPAEGFPAJ&U
?InvalidateThread@@YGPAXDDPAM&U
?IsNotDeviceA@@YGXPAHPAJPAD&U
?HideWindowInfoExA@@YGIPAKJ&U
?KillHeightExW@@YGPAGHHJI&U
?ModifyPenExW@@YGIPAMFKG&U
?SetHeightExA@@YGXMPAJEPAK&U
?InvalidateWindowW@@YGJFF&U
?AddNameW@@YGPAFFPAMPAEI&U
?InvalidateMutexExA@@YGPA_NJPAG&U
?IsValidSizeEx@@YGPAMPAKKH&U
?OnListItemOriginal@@YGJIPAFKN&U
?InvalidateFolderNew@@YGPAFGMMN&U
?InvalidateObject@@YGNPAIFE&U
?InstallTextEx@@YGPAJPADPAFE&U
?CancelMediaTypeOriginal@@YGJFPAJ&U

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byte
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8268dbb60d9d2dfbcc65c4ae1819ecf7

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

kernel32

user32

comdlg32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 75KB

.imp Size: 1KB - Virtual size: 1KB

.exp Size: 1KB - Virtual size: 1KB

.code Size: 512B - Virtual size: 32B

.byte Size: 512B - Virtual size: 44B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 66KB

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 75KB - Virtual size: 75KB

.imp
Size: 1KB - Virtual size: 1KB

.exp
Size: 1KB - Virtual size: 1KB

.code
Size: 512B - Virtual size: 32B

.byte
Size: 512B - Virtual size: 44B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 66KB

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 2KB - Virtual size: 1KB