734c4c962d1b075a6c7d58445911addf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

734c4c962d1b075a6c7d58445911addf_JaffaCakes118
Size

69KB
MD5

734c4c962d1b075a6c7d58445911addf
SHA1

05c38d41c1145521bd31665a9f000ed30734ee60
SHA256

b64ea65550f0df2795c4e19f69f6e38ae5c61f82419658a44d6eb53830c24a9e
SHA512

8df4cf6159596c5bc1f4f643e32488dd44b7bd2f48455458850a8b6a4e530b64bed31e2dbbd06d6e25aa889d4ce9618566ae3896f98b45691fa870f3ec712514
SSDEEP

768:7sLqWJmxnrp7Rye+zYfiVIAbs5AtedcRvtOPLCFOgUC+YNhorSOvtSPaBhazrMrB:7sFKrBkvdZyYpIPWzrMJsuUQK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
734c4c962d1b075a6c7d58445911addf_JaffaCakes118

Files

734c4c962d1b075a6c7d58445911addf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6ff72f9e8c4d8a562958f3ab6d41431f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\fNsMmhi\qzzESoxtCcotlB\cvUWehaT\nnewQzzBx.pdb

Imports

msvcrt

_controlfp
toupper
iswalpha
malloc
strcoll
__set_app_type
strncpy
wcsrchr
isspace
free
wcstod
fputs
wcscat
strspn
strcpy
gmtime
strcspn
__p__fmode
__p__commode
wcslen
wcspbrk
atol
_amsg_exit
_initterm
wcstok
floor
ungetc
fgets
setvbuf
iswspace
fgetc
strerror
mbstowcs
fputc
_ismbblead
memset
_XcptFilter
_exit
_cexit
tolower
fclose
vswprintf
__setusermatherr
__getmainargs
wcstol
swprintf
strtol
isupper
realloc
isxdigit

kernel32

GetPriorityClass
ConvertDefaultLocale
FileTimeToSystemTime
GetSystemWindowsDirectoryW
GetVersionExA
HeapFree
GetComputerNameExA
MoveFileA
LoadLibraryExW
OpenFileMappingW
GetThreadPriority
FindNextFileW
SleepEx
GetCommandLineW
FindFirstFileA
ReleaseMutex
LCMapStringA
CreateWaitableTimerA
ResumeThread
GlobalGetAtomNameW
GetBinaryTypeW
RemoveDirectoryW
GlobalSize
Sleep
UnhandledExceptionFilter
lstrcpyA
GetBinaryTypeA
GetCurrentThread
SetThreadContext
MoveFileExW
CreateFileW
GetModuleFileNameW
SetErrorMode
SetThreadPriority
VirtualAlloc
GetCurrentDirectoryW
HeapSize
lstrcpyW
IsDBCSLeadByte
GlobalUnlock
GetFullPathNameA
CompareStringW
EnumResourceNamesW
GlobalAlloc
GetTempPathW
GetVersion
DefineDosDeviceW
LCMapStringW
SetLocalTime
TlsSetValue
GetLocaleInfoA
AddAtomA

shlwapi

PathIsUNCA

comctl32

CreateToolbarEx
ImageList_Read
CreateStatusWindowW
PropertySheetA
ImageList_LoadImageW
ImageList_Create

user32

CopyRect
DestroyWindow
DrawFocusRect
GetWindow
GetCursorPos
KillTimer
CheckRadioButton
DrawEdge
ShowOwnedPopups
GetDlgItem
ChildWindowFromPointEx
AttachThreadInput
CreatePopupMenu
AppendMenuA
DestroyCursor
CheckMenuItem
IsDialogMessageA
DialogBoxIndirectParamA
SendMessageW
LoadBitmapW
GetLastActivePopup
GetActiveWindow
WaitForInputIdle
CreateWindowExA
PostThreadMessageA
CharUpperW
GetUpdateRgn
CopyAcceleratorTableW
VkKeyScanW
EndDialog
EnableScrollBar
SwitchToThisWindow
MapVirtualKeyExW
LoadMenuA
CharPrevW
DrawTextA
SetDlgItemTextW
SetForegroundWindow
CharUpperBuffA
LoadStringW
wsprintfA
GetMenu
LoadIconW
DeleteMenu
UnionRect
GetClassLongA
OffsetRect
CharNextW
WaitMessage
EnableMenuItem
CreateCursor
OemToCharA
wvsprintfW
CheckDlgButton
IsMenu
SetPropW
CallWindowProcW
MonitorFromPoint
GetNextDlgGroupItem
BeginPaint
DrawStateW
DeferWindowPos
SetParent
IsWindowVisible
GetMessageA
PostThreadMessageW
DrawTextExW
GetDCEx
GetAsyncKeyState
InSendMessageEx
FindWindowExW
CheckMenuRadioItem
SetFocus
SetMenu
SetScrollInfo
ScrollWindowEx
GetMenuItemCount
DrawAnimatedRects
InsertMenuItemW
MapWindowPoints
CharToOemBuffA
DialogBoxIndirectParamW
InternalGetWindowText
SetWindowRgn
GetCaretPos
GetScrollInfo
CreateIconFromResource
SetScrollPos
GetKeyboardLayoutList
CreateIconIndirect
HideCaret
ClipCursor
OpenInputDesktop
DrawMenuBar
CharToOemW
GetMessageW
ScrollWindow
DestroyCaret
CharToOemA
SetClassLongW
SystemParametersInfoW
UpdateWindow
TabbedTextOutW
GetClipCursor
CharNextExA
GetForegroundWindow
ReplyMessage
DrawTextW
SetWindowPlacement
DialogBoxParamA
GetDialogBaseUnits
GetSysColorBrush
IsDlgButtonChecked
SendMessageA
SendDlgItemMessageW
wsprintfW
IsWindow
ReleaseDC
DrawFrameControl

comdlg32

GetOpenFileNameA
PrintDlgW
ChooseFontW
PrintDlgExW
GetFileTitleW
GetOpenFileNameW

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erts
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ff72f9e8c4d8a562958f3ab6d41431f

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

shlwapi

comctl32

user32

comdlg32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.init Size: 6KB - Virtual size: 5KB

.erts Size: 512B - Virtual size: 88B

.wall Size: 1024B - Virtual size: 40KB

.info Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.udata Size: 7KB - Virtual size: 7KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.init
Size: 6KB - Virtual size: 5KB

.erts
Size: 512B - Virtual size: 88B

.wall
Size: 1024B - Virtual size: 40KB

.info
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.udata
Size: 7KB - Virtual size: 7KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 1KB