V:\cbzjcdpNmx\ihldpeloaAw\avrvJkayLh\icGjdxYkd.pdb
Static task
static1
Behavioral task
behavioral1
Sample
72b981b29dfddde1f75fb324ae714743_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
72b981b29dfddde1f75fb324ae714743_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
72b981b29dfddde1f75fb324ae714743_JaffaCakes118
-
Size
151KB
-
MD5
72b981b29dfddde1f75fb324ae714743
-
SHA1
dcd29063d558f0be0af91df5c96b32f4357a0e33
-
SHA256
2b4cac1935b6de0aab8890e08da1ca04f8caf37c75e7e742c968725d05d4ab2f
-
SHA512
1826372bc04277e1a7ec8e665356a57e208155471fd41348a134759b5e4dba6fe092bc4ab633a6d61f045052ea7cef7e0da3ff6791f335e5241827cc0c73b36f
-
SSDEEP
3072:qebwfnqnribdoVUkUGkLqg2HKXQq94SeXJR2tthxdvAr:VwfqriB3kjkGg2HYQqC3H+thDv
Malware Config
Signatures
-
Unsigned PE — 1 IoC
Checks for a missing Authenticode signature.
resource 72b981b29dfddde1f75fb324ae714743_JaffaCakes118
Files
-
72b981b29dfddde1f75fb324ae714743_JaffaCakes118.exe windows:5 windows x86 arch:x86
ecfe74e9592bc3eca254df4892f4e1f7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdi32
EndPage
SetMapMode
GetTextExtentPointW
GetPixel
GetCurrentObject
GetTextFaceW
SetStretchBltMode
WidenPath
Rectangle
GetNearestPaletteIndex
GetNearestColor
CreateDiscardableBitmap
StretchDIBits
GetWindowOrgEx
GetTextColor
DeleteObject
SetBkColor
GetDIBColorTable
GetTextCharsetInfo
GetFontData
CreateRoundRectRgn
ResizePalette
GetTextMetricsA
GetLayout
CreateDIBitmap
PathToRegion
ExtFloodFill
CreateICW
GetObjectA
CreateCompatibleBitmap
StartDocW
SetRectRgn
GetTextMetricsW
CreateEllipticRgnIndirect
GetClipBox
GetCharWidth32W
SetDIBColorTable
Ellipse
CreateFontIndirectW
TextOutA
CreatePenIndirect
RealizePalette
RectVisible
SetDIBits
PatBlt
TranslateCharsetInfo
CreatePatternBrush
GetPaletteEntries
CreateDIBSection
EnumFontFamiliesW
msvcrt
clock
strncmp
_controlfp
isalpha
strtol
__set_app_type
wcspbrk
isprint
wcschr
__p__fmode
toupper
wcstol
tolower
bsearch
calloc
__p__commode
sprintf
remove
isupper
_amsg_exit
towupper
strchr
setvbuf
strncpy
isspace
_initterm
_acmdln
gets
strstr
localtime
exit
wcscoll
fclose
_ismbblead
atoi
malloc
iswprint
_XcptFilter
_exit
fseek
time
qsort
iswalpha
_cexit
putchar
srand
putc
__setusermatherr
__getmainargs
user32
ReleaseDC
CallWindowProcW
GetMonitorInfoW
IntersectRect
EnumWindows
OpenDesktopW
IsWindowEnabled
GetDlgItemTextA
WaitForInputIdle
PeekMessageA
GetKeyNameTextW
CharNextW
wvsprintfW
GetDCEx
GetClassInfoA
CharLowerW
CharUpperW
PostMessageA
ChildWindowFromPointEx
GetMenu
SetWindowTextA
GetFocus
GetWindow
GetWindowLongW
ClientToScreen
GetClassInfoExA
BeginDeferWindowPos
LoadMenuA
PostThreadMessageW
GetClientRect
DefFrameProcA
GetMenuItemRect
GetClassLongW
MessageBoxExW
GrayStringW
FindWindowExA
GetDlgCtrlID
SetMenuItemBitmaps
MapVirtualKeyExW
CreateDialogParamA
SendMessageW
GetLastActivePopup
SetFocus
mouse_event
IsCharAlphaNumericW
SetParent
LoadBitmapA
AllowSetForegroundWindow
GetNextDlgTabItem
ShowWindow
MapWindowPoints
ActivateKeyboardLayout
GetAsyncKeyState
SetUserObjectInformationW
DestroyCaret
wsprintfA
IsDlgButtonChecked
MapDialogRect
DefWindowProcA
OpenInputDesktop
OemToCharA
SetTimer
GetCaretPos
GetSubMenu
DestroyCursor
TranslateAcceleratorA
CharLowerA
GetUserObjectInformationA
DragObject
CharNextExA
CreateMenu
DefDlgProcW
ScrollWindow
RegisterWindowMessageW
UnionRect
AppendMenuA
PostThreadMessageA
SetRectEmpty
ScrollWindowEx
SetSysColors
SystemParametersInfoW
DestroyIcon
LoadIconA
GetMenuCheckMarkDimensions
GetKeyboardLayoutList
DestroyWindow
CreateDialogParamW
ShowCaret
DrawAnimatedRects
DialogBoxParamW
LoadCursorW
DrawTextExW
CopyImage
FrameRect
TabbedTextOutW
TranslateAcceleratorW
IsZoomed
DrawFocusRect
GetMessageTime
GetForegroundWindow
GetKeyboardType
GetSystemMetrics
RemovePropW
GetSysColor
DialogBoxParamA
ShowOwnedPopups
IsWindow
MoveWindow
GetMenuStringW
GetKeyboardLayout
LoadStringA
SendInput
CharToOemBuffA
InSendMessageEx
GetMessageW
GetUserObjectInformationW
CreateIconFromResource
kernel32
lstrcmpiA
lstrcatA
OpenSemaphoreW
SystemTimeToFileTime
ClearCommBreak
GetLocaleInfoW
SetFileAttributesA
GetCommConfig
DuplicateHandle
CreateMutexA
LoadLibraryA
HeapFree
HeapCreate
SetErrorMode
GetFileAttributesW
EnumResourceLanguagesA
GetThreadTimes
DeleteCriticalSection
IsBadWritePtr
CreateDirectoryA
UnhandledExceptionFilter
GetUserDefaultLangID
EnumResourceTypesA
GetModuleFileNameA
GlobalAddAtomW
HeapAlloc
LoadLibraryExA
CreateMailslotW
WaitForSingleObject
lstrcmpW
MoveFileExW
SetThreadLocale
MulDiv
SetWaitableTimer
GetProcAddress
OpenEventW
EnterCriticalSection
SetUnhandledExceptionFilter
SetCommTimeouts
GetModuleHandleA
GetTempFileNameW
GetOEMCP
WinExec
FormatMessageA
FindResourceA
CreateEventA
SetCommState
IsBadCodePtr
GetAtomNameW
GlobalHandle
EnumResourceNamesA
SetCommBreak
GlobalMemoryStatus
lstrcpynW
GetSystemTimeAsFileTime
comctl32
CreateToolbarEx
ImageList_Read
ImageList_Destroy
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_Create
Exports
?HideFullNameW@@YGGIFF]A
?HideMutant@@YGPAMIGN]A
?CloseTimer@@YGPAE_NJ]A
?IsValidModuleNew@@YGXE]A
?IncrementTimeExW@@YGJPAH]A
?CancelFullNameEx@@YGMKNJF]A
?HideProviderOriginal@@YGX_NPAMJPAH]A
?HideDeviceEx@@YGKPAGH]A
?SendProcess@@YGDIPA_NPA_NI]A
?FindPathOriginal@@YGIJNPAH]A
?EnumPenW@@YGPAENK]A
?SendTimeW@@YGPAMIJPANE]A
?InsertProfile@@YGPAKNPAM_N]A
?IsValidSizeExA@@YGPAMIIJPAE]A
?IsNotHeightOriginal@@YGF_N]A
?WidthExW@@YGDMJFF]A
?SetDateTimeOriginal@@YG_NNPA_NPAH]A
?GenerateRect@@YGFGDJF]A
?ShowNameExA@@YGPAMPAM]A
?FormatCharEx@@YGPAEG]A
?DecrementString@@YGFPAJ]A
?CallDateTimeEx@@YGPAMHEJ]A
?CancelPointEx@@YGXE]A
?CallModuleOld@@YGPAXK]A
?OnWidthW@@YGEPAJH]A
?HideWidthNew@@YGXPAHIF]A
?AddPenNew@@YGPADI]A
?IsValidModuleOriginal@@YGFDJ]A
?EnumDataEx@@YGPA_NJ_NJ]A
?DeleteConfigW@@YG_NFPADPAK]A
?DecrementSemaphoreExA@@YGPADJF]A
?OnDirectoryExW@@YGMFPAMPA_N]A
?IncrementThread@@YGJPAGPAHF]A
?GetValueOld@@YGPAJPAE]A
?SetWindowInfoExW@@YGPAIJJN]A
?RemoveSystemA@@YGPAXPAK]A
?CloseDateEx@@YGJPAMGHK]A
?IsObjectA@@YGXPAJ]A
?HideCharOriginal@@YGKPAF]A
?GlobalWindowInfoExW@@YGFGF]A
?InvalidateDialogExW@@YGMPAMPAIEPAD]A
?InsertPointEx@@YGIGPADGG]A
?InstallMemory@@YGDPANI]A
?IsValidPenExW@@YGFI]A
?HideSizeExW@@YGPAHGHPAGPAJ]A
?IsListItem@@YGXMPAD]A
?PutMediaTypeOriginal@@YGPADPAHPAH]A
?OnCommandLineA@@YGGDH]A
?AddFileEx@@YGXJ]A
?SystemExA@@YGPAH_N]A
?OnClass@@YGK_N]A
?ArgumentW@@YGKPADH]A
?KillSystemNew@@YGDFJD]A
?InvalidateHeightNew@@YGEF]A
?RtlPointerExW@@YGGJ]A
?FormatListExW@@YGEPAGJK]A
?CancelTimerEx@@YGHJJPAM]A
?KillFunctionNew@@YGKD]A
?EnumCommandLineW@@YGEPAGPAGMH]A
?CopyTaskOriginal@@YGIPADM]A
?CancelDataNew@@YG_NFEE]A
?ModifyValueA@@YGPAKPADDG]A
?InsertThreadEx@@YGFPAH]A
?RtlState@@YGGPAM]A
?CancelSemaphoreNew@@YGEJD]A
?EnumFullNameW@@YGPAXJPAFK]A
?FormatPath@@YGXGKPADPAD]A
?MonitorExW@@YGPAIGPAFEPAJ]A
?KillSystemOld@@YGDM_NJE]A
?CloseSystemNew@@YGHMM]A
?IsNotFolderExW@@YGPAKPAIFJJ]A
?OnTimerEx@@YGDMPAMPAJ]A
?AddListItemExA@@YGDGPAJPAJI]A
?IsNotWindowInfoA@@YGD_NK]A
?IsValidScreenOriginal@@YGXHH]A
?FormatMemoryOriginal@@YGPAJKHPAE]A
?OnFolderPathExA@@YGXPANEPAGM]A
?CopyVersionEx@@YGHHMI]A
?CloseExpressionOriginal@@YGIIKE]A
?InstallTimerEx@@YGPAHPAJMJ]A
?DecrementHeaderOriginal@@YGHIEKH]A
?CopyHeightOriginal@@YGGPADGPAEM]A
?OnDeviceOriginal@@YGPAKGKJPAE]A
?GlobalSizeExA@@YGPAMPAK]A
?IsNotListItemExW@@YGHPAGKPAF]A
?DecrementSemaphoreW@@YGGGIMM]A
?OnAppNameExA@@YGPAXIPAHPAJ]A
?InstallModule@@YGXDH]A
?RemoveFolderPathW@@YGFDDPAE]A
?InstallValueExW@@YGHPAN]A
?DecrementExpressionA@@YGHPADJ]A
?FormatProfileW@@YGEPAMN]A
?CloseMessageOld@@YGNPAGPAHFF]A
?IsNotOptionA@@YGEGPAIII]A
?GetWidthOld@@YGPAXDPAKD]A
?GlobalDeviceExA@@YGMHG]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?HideProjectOriginal@@YGHJ]A
?GetMessageNew@@YGEF]A
?GlobalSemaphoreExW@@YGPAF_NJM]A
?FindSizeA@@YGMPAJPAGN]A
?CrtText@@YGPAMD]A
?KillPointerNew@@YGJPAG]A
?AddConfigOriginal@@YGGPAHM]A
?DecrementConfigEx@@YGF_NHJ]A
?FormatFilePathOld@@YGNHIME]A
?IsValidStateW@@YGPAMPA_NIIE]A
?ModifyCharExW@@YGJDM]A
?IsValidMemoryA@@YGMFPA_NDI]A
?DeleteDateEx@@YGXPA_NH]A
?CopyNameW@@YGPAKN]A
?AddVersionW@@YGHPAMFJ]A
?CallDateA@@YGPAHPADHN]A
?PutProcessOriginal@@YGPAEPAIPAM]A
?DeletePointExA@@YGPAGPAEKF]A
?InvalidateFilePathOriginal@@YGKPAHPADFPAF]A
?IsNotProject@@YGGD]A
?EnumPenExA@@YGPAXEM]A
?InvalidatePointerEx@@YGEGE]A
?PutEventW@@YGHPAM]A
?OnDateNew@@YGFPAJPAHPAK]A
?DeleteAnchorExA@@YGPAHPAHPAJIF]A
?IsNotDataOriginal@@YGNPAN]A
?RtlDateW@@YGDIG]A
?ModifyProfileOld@@YGPAIFPAMPAJJ]A
?ShowDateNew@@YGXJDMI]A
?IsMutex@@YGPAXE_NPAM]A
?CancelFolderPathExW@@YGPAXPAN]A
?ValidateArgumentW@@YGIGPAM]A
?ShowKeyboardExA@@YGIKMH]A
?KillHeightNew@@YGPAJPAGE_NM]A
?GetFolderPathW@@YGEPAFMPAD]A
?DecrementFunctionExW@@YGPAMNPAG]A
?Section@@YGHDIJN]A
?CopyFunctionOriginal@@YGMKPAHHM]A
?DeleteProfileW@@YGJPAMPAFD]A
?CrtMonitorExA@@YGXPAIPA_N]A
?FormatScreenW@@YGFPAJE]A
?CrtTimeExW@@YGPAGPAIPADK]A
?LoadArgumentExW@@YGMPAJPAGED]A
?LoadStringEx@@YGKF]A
?OnPoint@@YGEPA_NHPAN]A
?CopyPath@@YGPAGEEPAH]A
?CloseEventA@@YGPANII]A
?CallKeyNameOld@@YGK_NM]A
?CancelPath@@YGHFND]A
?PutAnchorW@@YGFKMKPAE]A
?ShowKeyboardEx@@YGPAMGPAHPAKPAH]A
?ModifyProfileA@@YGNFPAHPANI]A
?GetVersion@@YGPAMPAGPA_N]A
?IsValidMonitorExW@@YGJI]A
?ValidatePathA@@YGEMF]A
?GlobalHeaderOld@@YGXPAFKM]A
?SendWindowInfoOriginal@@YGKK]A
?RtlFolderPathNew@@YGPAI_NFPAKD]A
?GenerateFullNameOld@@YGPAFPANDME]A
?CloseMutantNew@@YGJMKPAE]A
?LoadPointerNew@@YGPAXGPA_N]A
?CrtListItemOld@@YGPAKPAI]A
?CallStateEx@@YGDHKI_N]A
?SetPathEx@@YGIFG]A
?FormatCommandLineA@@YGHIPAEGN]A
?CancelModuleExA@@YGKNPAE]A
?CrtFilePathW@@YGPAJE]A
?FormatVersionOld@@YGIKKM]A
?OnWindowInfoW@@YGJE]A
?SetTimerOriginal@@YGDPAIPAFG]A
?GlobalModuleOriginal@@YGKE]A
?IsNotExpressionOriginal@@YGKFNPAJ]A
?DecrementFullNameA@@YGEIDHE]A
?SetModuleExA@@YGKHI]A
?DeleteFileEx@@YGDJHIPAN]A
?FormatTaskOld@@YGHNHPAMJ]A
?GlobalSystemEx@@YGPAJDPAGPAE]A
?LoadListEx@@YGPAEMPADPAJ]A
?RtlListItemOld@@YGGPAH]A
?GetPointer@@YGKK]A
?RemoveClassOriginal@@YGEINE_N]A
?InstallFullNameA@@YGXPAGPAF]A
?CancelPointerExW@@YGDDK]A
?DeleteScreenEx@@YGFPAMDG]A
?PutStateNew@@YGDPAFN]A
?FreePathW@@YGPAXPAHJI]A
?AddFileOriginal@@YGXKPAH]A
?LoadFolderOld@@YGPAHDPAIHD]A
?FormatModuleOld@@YGPAIK]A
?IsValidModuleOld@@YGEFPAEJI]A
?CloseSystemOriginal@@YGDPAKDEK]A
?CancelStringA@@YGMDGDJ]A
?StringEx@@YG_NH]A
?GlobalRectOriginal@@YGH_NHM]A
?GlobalProviderOriginal@@YGPAMIJIPAJ]A
?RtlDialogOld@@YGPAFIMNH]A
?InstallDateNew@@YGNPAIIPADK]A
?GenerateListExW@@YGIFD]A
?RtlWidthNew@@YGPAHGPAEPAFG]A
?IsNotProcessExW@@YGPADEPAH]A
?KillTextOld@@YGXPADPAGGPAF]A
?CancelDateTimeA@@YGPAXMJD]A
?SendProfile@@YGKJNG]A
?GlobalOptionNew@@YGPAGD]A
?GenerateValueA@@YG_NPAJPAEDPAI]A
?CallSemaphoreNew@@YGEPAH]A
?PutAnchorEx@@YGPAK_N_NMF]A
?DecrementSizeW@@YG_NPAJPAHM]A
?CopyFileA@@YGPAJ_N]A
?SetWindowInfoOld@@YGPADIJN]A
Sections
.text Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ