820c531208d93d2caa3237079de4d195_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

820c531208d93d2caa3237079de4d195_JaffaCakes118
Size

217KB
MD5

820c531208d93d2caa3237079de4d195
SHA1

943262d255a914eaef7fc48af93910c734f5545b
SHA256

22fa39ff976f5b7caffe38a41a4d3e4fe519cc7da95143be0424395eb3a396a1
SHA512

cf4db4feabb9f8d2faa5710e684ce113d37d946bb908eb49e2d43042a31f89d2471244ef2f20c7c4ecb28c68033afd6e89e2465e980fc43135e5a91bc7a9ad44
SSDEEP

6144:1U1rSLkUDLMtq3yjJHNkXN36LTvDuTxTCi:KrYZDII3+nOQfqtWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
820c531208d93d2caa3237079de4d195_JaffaCakes118

Files

820c531208d93d2caa3237079de4d195_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e681b269e33062fbb438c3e8a7bab104

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\zkhztEUMwmhqS\GNoooJKkY\DeXbOzg\AdnyknmoA.pdb

Imports

gdi32

StartDocW
EndPage
Polyline
DPtoLP
GetStockObject
GetTextCharsetInfo
EnumFontFamiliesW
GetFontData
SetAbortProc
GetSystemPaletteEntries
GetNearestColor
CreateFontW
SetBkMode
TextOutA
CreateSolidBrush
StartPage
PathToRegion
AddFontResourceW
SetTextAlign
GetBitmapBits
CreateFontIndirectW
SelectObject
LineTo
GetTextColor
CombineRgn
DeleteObject
MoveToEx
PatBlt
CreatePolygonRgn
OffsetRgn
GetTextMetricsA
CreateHalftonePalette
CreatePenIndirect
GetNearestPaletteIndex
TranslateCharsetInfo
SetBitmapDimensionEx
GetTextExtentPoint32W
CreateBitmap
SetLayout
ExtFloodFill
CreateFontIndirectA
CreateRectRgnIndirect
EndPath
GetRgnBox
CreateBrushIndirect
GetTextExtentPointW
SelectClipRgn
GetDeviceCaps
CreateDiscardableBitmap
CreateHatchBrush
OffsetViewportOrgEx
RectVisible
ScaleWindowExtEx
GetWindowOrgEx
GetObjectA
SetBrushOrgEx
LineDDA
Polygon
EndDoc
GetViewportOrgEx
SelectPalette
GetCurrentObject
GetTextMetricsW
GetDIBits
IntersectClipRect
ResizePalette
ExtTextOutA
CreatePalette
SetPaletteEntries

user32

SetMenuItemInfoW
SendMessageW
AttachThreadInput
GetWindowDC
GetClassLongA
GetUpdateRect
InvalidateRect
EnableScrollBar
GetLastActivePopup
ShowCaret
LoadAcceleratorsA
CreateCursor
SystemParametersInfoW
GetSystemMenu
MessageBoxExW
CharUpperA
DrawIconEx
RemoveMenu
IsMenu
LoadMenuA
PeekMessageW
InflateRect
GetUserObjectInformationW
wvsprintfA
BeginPaint
GetForegroundWindow
AppendMenuW
CharToOemA
SetWindowLongA
IsRectEmpty
LoadIconA
TranslateAcceleratorW
ReplyMessage
ScrollWindowEx
CloseDesktop
GetKeyboardType
SetRectEmpty
CascadeWindows
WindowFromPoint
PostThreadMessageA
ShowCursor
IsDialogMessageA
GetShellWindow
GetClassInfoA
InsertMenuA
MapDialogRect
CreateDialogParamW
SetMenu
OpenDesktopW
CharLowerW
GetCaretPos
ChangeMenuW
SetScrollInfo
ReleaseDC
DragObject
mouse_event
GetTopWindow
GetMenuState
OpenIcon
LoadAcceleratorsW
MapVirtualKeyW
GetDlgItemTextA
DefDlgProcA
DefWindowProcA
DestroyCursor
ToUnicodeEx
wvsprintfW
GetSysColorBrush
PostThreadMessageW
GetMenuItemInfoW
SwitchToThisWindow
KillTimer
GetKeyboardLayoutNameW
GetIconInfo
keybd_event
GetActiveWindow
GetUpdateRgn
GetPropW
MessageBoxExA
BeginDeferWindowPos
DispatchMessageA
ClipCursor
DefDlgProcW
IsWindow
DrawFrameControl
CreateCaret
CharToOemW
RegisterHotKey
CallWindowProcW
GetWindowTextLengthW
LoadCursorW
PtInRect
SetClassLongW
ScreenToClient
DestroyAcceleratorTable
RegisterWindowMessageW
SetWindowRgn
CheckRadioButton
GetMessagePos
GetDC
GetMenuItemRect
IntersectRect
EnableMenuItem
GetDlgItemInt
CreateIconFromResource
LoadBitmapW
InsertMenuItemW
GetDlgCtrlID
LookupIconIdFromDirectory
GetMenuStringA
OffsetRect
GetWindow
ShowWindow
CharNextW
RegisterWindowMessageA
GetWindowTextW
LoadMenuW
GetScrollRange
AdjustWindowRectEx
GetSystemMetrics
InSendMessage
ShowWindowAsync
FindWindowA
ModifyMenuW
GetKeyNameTextW
MessageBoxA
DefFrameProcW
GrayStringW
CreateIconIndirect
EnumThreadWindows
IsCharUpperA
InvertRect
FindWindowW
MessageBoxW
DestroyWindow
PostMessageW
CharUpperW
InternalGetWindowText
GetMessageW
TrackPopupMenuEx
ShowOwnedPopups
GetParent
InvalidateRgn
SetWindowTextW
GetMenuItemCount
EnableWindow
CreateDialogParamA
GetDesktopWindow
InsertMenuW
AllowSetForegroundWindow
DrawFocusRect
GetScrollPos
GetKeyboardLayout
ArrangeIconicWindows
CreateDialogIndirectParamW
RedrawWindow
CreateWindowExW
DrawMenuBar
HideCaret
SetRect
GetClassInfoW
GetUserObjectInformationA
GetDlgItemTextW
DefFrameProcA
IsChild
SetParent

kernel32

GetCurrentDirectoryW
GetTempFileNameA
FlushFileBuffers
GetSystemTimeAsFileTime
GlobalUnlock
ClearCommBreak
IsDBCSLeadByteEx
GlobalCompact
lstrcmpiA
SetLastError
GetTickCount
GetSystemWindowsDirectoryW
SetFileAttributesA
WinExec
lstrcatA
OpenFile
CreateDirectoryA
GetFileAttributesExA
FormatMessageW
lstrcmpW
CallNamedPipeW
OpenSemaphoreW
GetFileType
CreatePipe
GetSystemDirectoryA
GetNumberFormatA
MoveFileA
GetBinaryTypeW
GetCompressedFileSizeW
SleepEx
CancelIo
DuplicateHandle
ReadFile
GetTimeZoneInformation
GetModuleHandleA
ResumeThread
GetFileAttributesW
GetOEMCP
GetNumberFormatW
GetLocaleInfoA
LCMapStringW
SearchPathA
SetCurrentDirectoryW
MoveFileExW
FindNextFileW
GetStdHandle
GetDateFormatA
HeapCreate
DeleteFileW
CreateEventA
OpenFileMappingA
GetCommState
GetUserDefaultLCID
Sleep
CreateFileW
TlsFree
GetTempPathW
RemoveDirectoryA
DeleteFileA
GetModuleFileNameA
SetFileTime
FindNextFileA
GetStringTypeExW
SetTimerQueueTimer
GetFullPathNameA
IsValidLanguageGroup
CreateMailslotW
LoadLibraryW
GlobalAlloc
FreeLibrary
QueryDosDeviceW
lstrlenA
GetComputerNameExA
GetCPInfo
SetWaitableTimer

msvcrt

wcsstr
wcstok
strcoll
ungetc
tolower
isupper
_controlfp
strchr
malloc
wcschr
__set_app_type
wcspbrk
iswxdigit
fread
isdigit
isalnum
qsort
atol
wcscpy
wcscspn
strncpy
isalpha
__p__fmode
setvbuf
remove
wcsncmp
fclose
mbtowc
__p__commode
_amsg_exit
wcscat
mbstowcs
strcspn
_initterm
fflush
_ismbblead
gets
system
localtime
_XcptFilter
strstr
strcpy
exit
ftell
realloc
_exit
atoi
wcslen
strpbrk
_cexit
wcstoul
fwrite
memset
__setusermatherr
getc
__getmainargs
wcstombs
fputc
bsearch
gmtime
iswalpha

Exports

Exports

?FormatFilePathExA@@IJDKJFH@X
?RemoveTextA@@IJXNFHPAK@X
?GlobalAppNameW@@IJPA_NPAHFG@X

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e681b269e33062fbb438c3e8a7bab104

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.code Size: 12KB - Virtual size: 12KB

.data Size: 11KB - Virtual size: 81KB

.rsrc Size: 130KB - Virtual size: 130KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 59KB

.code
Size: 12KB - Virtual size: 12KB

.data
Size: 11KB - Virtual size: 81KB

.rsrc
Size: 130KB - Virtual size: 130KB

.reloc
Size: 2KB - Virtual size: 1KB