7587ff481e85904a1f52d955a5f53b97_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7587ff481e85904a1f52d955a5f53b97_JaffaCakes118
Size

151KB
MD5

7587ff481e85904a1f52d955a5f53b97
SHA1

6da04c33b7115cc581c8c311495e62aac28baade
SHA256

02531a9a1c70395e4e394f30c66ca8155b0ffbd779e3845f8ac4a41d6bcf7ad7
SHA512

1bc3d8f4cca6938e351bc6fe4f2314c561b58e006c8726ebeaab71bc98f2508df9a2e894e05385a4d55148bdab2a058c1286f012d6cfb14519170294e00d8b88
SSDEEP

3072:+Mh0UyDTYkj8bQNuuVkDXQnrHQ/NI+f0nmHtuHu3AE77gruuw+W:i9PYk4iLyLQrGO+fSmNuHuh7fu2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7587ff481e85904a1f52d955a5f53b97_JaffaCakes118

Files

7587ff481e85904a1f52d955a5f53b97_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3f9b7453f03d327791a0a7b3d12bdcd3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\diNocWmdl\yXGFKaxra\dnmKzUwzx\hhQhkTd\IxpgbqotzOQmup.pdb

Imports

msvcrt

calloc
qsort
_controlfp
strtol
__set_app_type
time
__p__fmode
__p__commode
iswxdigit
sscanf
_amsg_exit
system
_initterm
wcscmp
atoi
towlower
fclose
wcsrchr
towupper
clock
localtime
strncpy
fputs
strspn
_acmdln
wcscspn
iswprint
iswspace
toupper
rand
exit
_ismbblead
_XcptFilter
isprint
_exit
fseek
_cexit
iswdigit
__setusermatherr
isalnum
vswprintf
isupper
__getmainargs
fread
printf
wcspbrk
swscanf
bsearch
strcoll

kernel32

SetPriorityClass
GetShortPathNameA
WaitForMultipleObjectsEx
GlobalAlloc
FileTimeToSystemTime
MapViewOfFile
LocalReAlloc
OpenFileMappingA
FileTimeToDosDateTime
MoveFileW
SetTimerQueueTimer
GlobalFlags
GetAtomNameA
GetFileAttributesW
LockResource
TransactNamedPipe
VirtualAlloc
GetSystemDirectoryA
GlobalGetAtomNameA
IsBadWritePtr
DeleteFileA
CreateMailslotW
HeapValidate
GetStartupInfoW
LoadLibraryA
LoadLibraryExW
SetHandleCount
CreateEventW
CreateFileMappingA
CopyFileW
CompareStringA
CreatePipe
ClearCommBreak
GetVersionExW
FindCloseChangeNotification
GetCommandLineW
GetWindowsDirectoryW
GetThreadPriority
GlobalGetAtomNameW
GetModuleHandleA
GetFileSize
WaitForMultipleObjects
DeviceIoControl
GetModuleFileNameA
HeapSize
LocalLock
SetCurrentDirectoryA
SetThreadContext
GlobalCompact
GlobalMemoryStatusEx
GetSystemTimeAsFileTime
SearchPathA
UnhandledExceptionFilter
FindClose
FindResourceA
RaiseException
GetUserDefaultUILanguage

gdi32

SetStretchBltMode
TextOutW
SetAbortProc
SetLayout
CreatePatternBrush
LPtoDP
MoveToEx
SelectClipRgn
CreateICW
CreateDCW
LineDDA
GetCurrentObject
SetBkColor
CreateBitmap
GetNearestColor
CreateDIBitmap
OffsetViewportOrgEx
BeginPath
EndDoc
CreateEllipticRgnIndirect
GetDIBColorTable
CreateHatchBrush
TextOutA
CreatePalette
CreateRectRgnIndirect
GetFontData
GetROP2
SetTextColor
GetClipBox
GetTextColor
GetBitmapBits
GetTextExtentPoint32A
GetTextMetricsW
GetNearestPaletteIndex
RestoreDC
CreateSolidBrush
CreateFontA
UnrealizeObject
OffsetRgn
ExcludeClipRect
Escape
DeleteObject
TranslateCharsetInfo
SetROP2
GetRgnBox
EnumFontsW
RectVisible
PolyBezier
Ellipse
Polyline
CombineRgn

user32

DrawIcon
DispatchMessageW
InsertMenuA
ToUnicodeEx
CharToOemBuffA
AppendMenuA
DestroyCursor
IsWindowVisible
ReleaseDC
CreatePopupMenu
SetScrollInfo
IsDialogMessageA
GetForegroundWindow
GetIconInfo
IsWindowEnabled
GetSysColorBrush
TrackPopupMenuEx
GetWindowLongA
GetClassInfoW
GetUserObjectInformationW
DrawIconEx
GetScrollInfo
IsMenu
SetWindowLongW
GetFocus
DefFrameProcW
ScrollWindow
AttachThreadInput
wvsprintfW
GetUserObjectInformationA
EnableMenuItem
FindWindowExW
SetLastErrorEx
MonitorFromRect
SetWindowTextA
GetDlgItemTextW
DestroyCaret
LoadAcceleratorsW
GetClassInfoExW
RegisterClassExW
InSendMessage
OemToCharA
GetAsyncKeyState
DefDlgProcA
SetDlgItemInt
GetClientRect
GetCursorPos
PostThreadMessageA
IsChild
SendDlgItemMessageA
DestroyAcceleratorTable
RegisterClassW
SetMenuItemBitmaps
SendMessageW
ClipCursor
CharUpperBuffW
GetWindowDC
GetCaretPos
DrawTextExW
DestroyWindow
GetMenuItemID
ModifyMenuW
EndDialog
RegisterWindowMessageW
SwitchToThisWindow
BeginDeferWindowPos
WindowFromPoint
SetFocus
SetCaretPos
ClientToScreen
GetDlgItemTextA
SetWindowTextW
SetScrollRange
GetUpdateRgn
RegisterClassExA
GetClassNameW
IsIconic
SetTimer
SendMessageTimeoutW
FrameRect
CheckMenuRadioItem
ValidateRect
DeleteMenu
CharLowerBuffW
GetWindowPlacement
DialogBoxIndirectParamW
MessageBoxExW
IsRectEmpty
GetTopWindow
IsCharAlphaW
InvalidateRect
IsWindow
MapVirtualKeyA
MapDialogRect
LoadStringW
LoadMenuA
SystemParametersInfoW
SetWindowLongA
ShowWindow
GetMenuItemCount
SetCursorPos
CascadeWindows
LoadImageA
LoadIconA
CreateWindowExW
ChangeMenuW
EnableWindow
DrawStateA
PostThreadMessageW
GetDCEx
DispatchMessageA
GetKeyboardType
KillTimer
GetWindowTextLengthW
DrawAnimatedRects
OpenDesktopW
MessageBoxExA
AllowSetForegroundWindow
LookupIconIdFromDirectory
LoadCursorW
OpenInputDesktop
EndPaint

Exports

Exports

?IncrementFullNameA@@YGIFPADHPAM]A
?HideTaskExW@@YGPAXPAGFPAJ]A
?IncrementWindowOld@@YGXEID]A
?CloseAnchorExA@@YGHPAMDDD]A
?OnTextNew@@YGMJ]A
?CrtTimerExW@@YGXH]A
?KillSystemExW@@YGFPAI]A
?CallWidthNew@@YGPAXK]A
?CloseState@@YGPAXJG]A
?ModifyVersionA@@YGMPAFK]A
?CancelFolder@@YG_NIEME]A
?HideWindowInfoA@@YGKPAHGIH]A
?OnFileExA@@YGIMPAJF]A
?HideDateTimeExA@@YGPAGNMD]A
?EnumPath@@YGXHGNF]A
?FindListItem@@YGPAKDPADJK]A
?ShowRectEx@@YGXPADPAEH]A
?EnumMediaTypeOld@@YGPAKFJH]A
?GlobalListExA@@YGKF]A
?DecrementNameExW@@YGKPAJPAG]A
?DecrementDeviceExW@@YGEPAHI]A
?EnumFunctionA@@YGDDMKH]A
?CloseModuleExA@@YGPAHDEK]A
?InvalidateWindowInfoW@@YGXPAJ]A
?CopyDeviceNew@@YGPAJD]A
?ShowSectionOriginal@@YGPAHDEKG]A
?IncrementDateTimeExW@@YGPA_NJ]A
?ShowNameW@@YG_NPAFM]A
?FreeRectExA@@YGPAMFPAK]A
?AddTask@@YGPAEG]A
?ShowSemaphoreA@@YGIPAJJPAD]A
?OnWindowOld@@YGPAGPAFPAGPAI]A
?CloseAppNameOld@@YGPA_NIKE]A
?CancelWindowEx@@YGPAKFI]A
?LoadScreenOriginal@@YG_NPAHGPAF]A
?PutSystemOriginal@@YGHHKI]A
?SetMonitorExA@@YGMPAJ]A
?LoadFileEx@@YGHDJEPAD]A
?CallNameExA@@YGEK]A
?InvalidateFolderExA@@YGPAFPAFPAHM]A
?FreeObjectOld@@YGIDNPAI]A
?EnumWidthOld@@YGHPAG]A
?FindArgumentW@@YGN_NPAM]A
?EnumDevice@@YGGIFPAE]A
?InsertProjectOld@@YGPAXF]A
?InsertSection@@YGXG]A
?SetFullNameW@@YGJPA_NEPAHM]A
?HideProfileExA@@YGGDPAGPAIJ]A
?EnumDateNew@@YGG_NF_NPAD]A
?DeleteState@@YGXGPA_NEJ]A
?EnumProfileOriginal@@YGPA_NFPAIPAFPAG]A
?KillSystemW@@YGPAJ_NPAD]A
?GetCommandLineEx@@YGPAJPAFN]A
?ValidateSectionEx@@YGHKIPAGPAJ]A
?OnName@@YGDPAIKPAJ]A
?InsertScreenA@@YGXPAF]A
?PutFilePathNew@@YGXPAEPA_N]A
?IsValidSemaphoreW@@YGFPAHPAF]A
?GetProfileExA@@YGXG]A
?CallWindowInfoNew@@YGPAGPAHIG]A
?IsValidPathExA@@YGPADPAK]A
?EnumModuleA@@YG_NHDPAE]A
?ModifyObjectOriginal@@YGGHPAFPAIM]A
?AppNameA@@YGKPAIF]A
?RemovePoint@@YGPAXJPAG]A
?CrtStateNew@@YGPA_NPAJGE]A
?CopyProfileExW@@YGEPAED]A
?GetDateExW@@YGJPAEEEPAI]A
?ValidateProvider@@YGPAX_NH]A
?SendPointerExW@@YGHH_NGF]A
?HideData@@YGIMJH]A
?CrtProviderEx@@YGMPAJ]A
?ValidateHeightNew@@YGPAGPAIPA_NG]A
?InstallChar@@YGIH]A
?IsNotAnchor@@YGPAXEPAJ]A
?CopyMemoryExW@@YGKMMG]A
?FormatMediaTypeOld@@YGHDD]A
?KillEventExA@@YGJJNH]A
?ShowDialogExW@@YGGKPAN]A
?HideObjectEx@@YGEHE]A
?CancelStateExA@@YGEPAD]A
?RemoveDateOriginal@@YG_NMG]A
?CancelFolderNew@@YGXF]A
?IncrementRectExW@@YGDIPANPAEPAE]A
?ModifyWidthEx@@YGJI]A
?MediaTypeA@@YGEF]A
?CallExpressionOriginal@@YGKJGPAFE]A
?InsertPointOriginal@@YGPAD_NPAK]A
?GetMutexExW@@YGXDF]A
?DeleteAppNameExA@@YGPAJPADJPAM]A
?GenerateWidthOriginal@@YGPAKDPAMPAN]A
?GlobalArgumentExA@@YGEPAH]A
?RemoveExpressionA@@YGKDKFI]A
?GlobalDirectoryW@@YGXG]A
?CloseMemoryEx@@YGPAGK]A
?SendListNew@@YGJMD]A
?GlobalKeyboardW@@YGPAXD]A
?DeleteDate@@YGFE]A
?FormatWindowInfoNew@@YGXPAMIG]A
?PutExpressionW@@YGM_NFPAJ]A
?RemoveKeyNameA@@YGJG]A
?FindFullNameA@@YGPAXMFPAK]A
?CancelProcessOld@@YGJNMEPAF]A
?FindAppNameEx@@YGPAXMEPA_N]A
?GenerateCharW@@YGGG]A
?HideNameEx@@YGXED]A
?RtlTimeOriginal@@YGFPAHPANK]A
?SetFullNameA@@YGPAHK]A
?CopyFilePathOld@@YGNJE]A
?InsertMonitorOriginal@@YGEM_NJK]A
?GetOptionEx@@YGEFEK]A
?EnumName@@YGXG]A
?CancelSize@@YGPAH_N]A
?ShowFileOriginal@@YGPAJHDJ]A
?FreeDialogExW@@YGIPAJ]A
?FindMutantNew@@YGPAJHPAKPAE]A
?CloseTimerOld@@YGXJHPAH]A
?CancelDateTimeA@@YGPAMPA_NM]A
?AnchorExA@@YGJIPAM]A
?FormatTaskOld@@YGPAMKMPAJ]A
?DeleteAnchorExA@@YGFHMME]A
?SendFullNameOriginal@@YGFKKGH]A
?SetMessageA@@YGIPAKK]A
?CallKeyNameNew@@YGPADKKPAD]A
?GeneratePointerOriginal@@YGJPAMPAG]A
?CopyDeviceEx@@YGPAGJGPAFM]A
?CrtMutantEx@@YGIEPAK]A
?EnumProcessExA@@YGMHPAF]A
?AddKeyboardOriginal@@YGIPAHGPAF]A
?KillMutexNew@@YGIFFD]A
?KillHeader@@YGHPAH]A
?IsCommandLine@@YGXH]A
?HideFolderPathExW@@YGPAXGPAN]A
?FindRectW@@YGDPADFF]A
?HideVersionEx@@YGFPA_NPAK]A
?PutSystem@@YGGHF]A
?InsertProfileNew@@YGXJ]A
?CopyThreadA@@YGGJPAF]A
?DeleteStringA@@YGJGPAMKM]A
?InstallDeviceNew@@YGPAMJMPANG]A
?FormatMonitorOriginal@@YGIEJKH]A
?RtlFilePathNew@@YGGPAMDM]A
?SetOptionW@@YGDEDJG]A
?AddSizeA@@YGMPAH_NHPAE]A
?ModifyDirectoryExW@@YGPANHJ]A
?EnumMemoryW@@YGKIEPA_NE]A
?RemoveTimerW@@YGDPAM]A
?InvalidateRectOld@@YGPAJPA_NFK_N]A
?ModifyCommandLineExA@@YGNGI]A
?DecrementDialogA@@YGXPAG]A
?FreeFolderA@@YGKPAMGG]A
?DecrementFunctionA@@YGDG]A
?CallKeyboardA@@YGPAGN]A
?FormatValueOriginal@@YGMMPAF]A
?RtlHeaderExA@@YGXPAFGPAI]A
?RtlFolderPathW@@YGXGIPAE]A
?DeleteWindowInfo@@YGIPA_NGPAI]A
?CancelRectOld@@YGMNJ]A
?InsertStateExW@@YGPA_N_N]A
?ValidateFolder@@YGPAXPAHPAN]A
?SetHeader@@YGGDGF]A
?IsTimeA@@YGXHHI]A
?KillFunctionW@@YGMJIFPA_N]A
?InstallHeaderExW@@YGEFFGPAN]A
?ValidateRectNew@@YGXM]A
?HideClassNew@@YGPAHIPAHKF]A
?DeviceExA@@YGHJJPAMI]A
?CallOptionEx@@YGPA_NPAJK]A
?KillFileOriginal@@YGXG]A
?ModifyObjectOld@@YGIPADPAH_N]A
?HideObjectExW@@YGMJ_N]A
?ValidateKeyboardW@@YGNPAM]A
?RemoveOption@@YGPAGKID]A
?CancelDataOld@@YGMHD]A
?SendDialogW@@YGHMJM]A
?FormatProcessOriginal@@YGJEDKJ]A
?IsNotSemaphoreOriginal@@YGPAJPAMFFH]A
?ValidateTimeExW@@YGHPAHN]A
?ValidateCommandLine@@YGPAXPANEK]A
?IsKeyNameExA@@YGKK_N]A
?GetAppNameEx@@YGPAXH]A
?IsNotMutexExW@@YGJDPAH]A
?CallDialogW@@YGNMPAHF_N]A
?InvalidateProviderExA@@YGDE]A
?FindOptionExW@@YGXEE]A
?CrtDirectoryNew@@YGHHPADNK]A
?IsValidDirectoryExA@@YGPAKPAEIPAM]A
?AddHeaderNew@@YGXPAKPAFPAJ]A
?CloseListExA@@YGNGPAJ_N]A
?PutStringExW@@YGPAXJK]A
?ShowTimerA@@YGFPAJF]A
?DecrementRectOld@@YGGPAEPAMHD]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?CallProjectA@@YGPAXPAKD]A
?RemoveKeyboardOriginal@@YGXE]A
?DecrementDirectory@@YGHPANNH]A
?RemoveAppNameOriginal@@YGHPAF]A
?KillNameExW@@YGIPAGHKPAM]A
?CancelHeaderW@@YGGM]A
?ModifyClassA@@YGKFFH]A
?InvalidateListItemA@@YGPAKPAK]A
?KillConfigW@@YGJMN]A
?InstallHeight@@YGPADMGPAE]A
?DecrementProjectOld@@YGPAGI_NF]A
?GetPathExW@@YGFJ]A
?OnOption@@YGHGMPA_NE]A
?FormatSystem@@YGMFPAEH]A
?DeleteKeyboardExA@@YGPAFPAFPAHHG]A
?FindFunctionExW@@YGFPAJH_N]A
?GenerateListNew@@YGXPAKI]A
?DeleteHeaderExW@@YGPAIPAJPADJ]A
?ShowMemoryA@@YGIMPAH]A
?PutProcessExA@@YGGJ]A
?ModifyMutantW@@YGPAKKPAJPAJ]A
?ValidateFolderOriginal@@YGXPAKFE]A

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f9b7453f03d327791a0a7b3d12bdcd3

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.idata Size: 6KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 50KB

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.idata
Size: 6KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 50KB

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 1KB - Virtual size: 1KB