7338b4462747964906a7523eb3d8cd9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7338b4462747964906a7523eb3d8cd9d_JaffaCakes118
Size

141KB
MD5

7338b4462747964906a7523eb3d8cd9d
SHA1

a717e20dd1984d756f898e0d1cb0b8de41cc68ad
SHA256

854e2b591f11ee8e9633723c06453bb7b56690d85bd8ef2e4c987bb5412530a2
SHA512

ae26a154a030b169aa4666ea8ca76a146cfad433de207264083a6e82e09f57eef618ec0f69b38d5f49c4fb7d05d51dd9a12c684a5705f421cea6938030db068f
SSDEEP

3072:S/u5XJtPrBOTCIniXf8VIBADtgOZUYTCkytMLys1rfz1gSoXsWt5fyL:auBJJSCyiXUqBAWOZUYTxztorfyL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7338b4462747964906a7523eb3d8cd9d_JaffaCakes118

Files

7338b4462747964906a7523eb3d8cd9d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ddcd5f65d57e4999c5d55159221302a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\yhJwXHnDcD\aZngdkketxMWti\cTuoung.pdb

Imports

user32

SetDlgItemTextA
CreatePopupMenu
SetClassLongW
GetClassLongW
IsDialogMessageW
ReleaseDC
EnableMenuItem
CharUpperW
GetKeyNameTextW
GetDlgItemTextA
CharLowerBuffW
LoadBitmapW
GetMessageExtraInfo
IsWindowVisible
SetRectEmpty
GetKeyboardLayoutNameW
CheckRadioButton
CreateDialogIndirectParamW
DeleteMenu
ActivateKeyboardLayout
OemToCharA
GetDlgCtrlID
GetDlgItemInt
SetCaretPos
CharLowerW
DestroyCaret
FindWindowA
IsCharAlphaA
SetScrollInfo
DrawTextW
DestroyMenu
SetParent
CharPrevA
VkKeyScanA
wsprintfW
LoadStringW
GetForegroundWindow
CreateWindowExA
GetUpdateRgn
GetSysColorBrush
wsprintfA
RegisterWindowMessageA
DefWindowProcA
IsDialogMessageA
IsZoomed
DrawTextA
InflateRect
DrawAnimatedRects
LoadStringA
GetShellWindow
LoadMenuA
AllowSetForegroundWindow
HideCaret
CharToOemW
RemoveMenu
wvsprintfA
EqualRect
GetWindowTextA
VkKeyScanW
PostMessageW
SetDlgItemInt
GetDlgItem
RegisterClassA
FindWindowExA
InsertMenuW
TrackPopupMenu
AdjustWindowRect
IsWindowUnicode
GetDoubleClickTime
InvalidateRgn
IsChild
GetMenuItemID
BringWindowToTop
SetScrollRange
WaitMessage
UpdateWindow
SetMenuItemInfoW
CheckMenuRadioItem
RemovePropW
GetScrollRange
SetForegroundWindow
GetClipCursor
EndDialog
CreateCaret
SetCursorPos
GetKeyState
MapWindowPoints
SetScrollPos
ScrollWindow
OemToCharBuffA
GetClassInfoExA
PostMessageA
GetClientRect
BeginPaint
DrawIcon
GetSystemMenu
InSendMessage
GetScrollInfo
CallWindowProcA
CreateMenu
IsCharLowerA
ArrangeIconicWindows
CheckDlgButton
GetMonitorInfoW
EnumThreadWindows
GetFocus
LookupIconIdFromDirectory
DrawIconEx
DefDlgProcA
IsWindow
RegisterClassExW
SetWindowRgn
AppendMenuA
CreateAcceleratorTableW
GetWindowLongW
PostQuitMessage
InvalidateRect
InSendMessageEx
DispatchMessageA
AppendMenuW
SetLastErrorEx
DestroyCursor
GetDialogBaseUnits

kernel32

GetAtomNameW
lstrcmpW
CallNamedPipeW
lstrcpynW
HeapFree
GetTempFileNameA
RaiseException
GetFileTime
DeleteCriticalSection
lstrlenA
SetCommState
GlobalReAlloc
IsValidLocale
VerSetConditionMask
IsDBCSLeadByteEx
DeleteAtom
GetThreadContext
GetCommConfig
FileTimeToLocalFileTime
SetHandleCount
SetUnhandledExceptionFilter
LocalFree
ExitThread
FormatMessageW
EnterCriticalSection
GlobalFlags
GetBinaryTypeA
SetThreadExecutionState
CreateEventW
GetStdHandle
GetModuleHandleA
IsBadWritePtr
AreFileApisANSI
SetEndOfFile
GetModuleFileNameW
MoveFileW
GetThreadLocale
LoadLibraryW
ResumeThread
GetShortPathNameA
TlsFree
PulseEvent
ResetEvent
GetModuleFileNameA
GetFileInformationByHandle
CompareFileTime
CompareStringA
GetCommProperties
ClearCommError
CreateSemaphoreA
MapViewOfFile
SizeofResource
GetCurrentThread
LCMapStringA
GlobalFree
DisconnectNamedPipe
OpenFileMappingW

comdlg32

FindTextW
GetFileTitleW
ChooseColorW
ReplaceTextW

msvcrt

_controlfp
strchr
__set_app_type
__p__fmode
towupper
qsort
swprintf
__p__commode
towlower
putchar
_amsg_exit
_initterm
tolower
wcscmp
exit
remove
_ismbblead
vswprintf
wcslen
strrchr
_XcptFilter
strcspn
isspace
ungetc
perror
_exit
strtok
toupper
isalpha
mbstowcs
_cexit
strtol
system
wcscat
__setusermatherr
strcpy
mbtowc
iswxdigit
wcstombs
setvbuf
iswctype
getenv
isprint
wcstol
__getmainargs
wcsncmp
printf

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.e_tab
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.redit
Size: 1KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_tab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.site
Size: 1024B - Virtual size: 526B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddcd5f65d57e4999c5d55159221302a3

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comdlg32

msvcrt

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.e_tab Size: 512B - Virtual size: 125B

.redit Size: 1KB - Virtual size: 123KB

.data Size: 2KB - Virtual size: 1KB

.i_tab Size: 6KB - Virtual size: 5KB

.site Size: 1024B - Virtual size: 526B

.wdata Size: 1024B - Virtual size: 704B

.rsrc Size: 105KB - Virtual size: 105KB

.text
Size: 22KB - Virtual size: 22KB

.e_tab
Size: 512B - Virtual size: 125B

.redit
Size: 1KB - Virtual size: 123KB

.data
Size: 2KB - Virtual size: 1KB

.i_tab
Size: 6KB - Virtual size: 5KB

.site
Size: 1024B - Virtual size: 526B

.wdata
Size: 1024B - Virtual size: 704B

.rsrc
Size: 105KB - Virtual size: 105KB