82786122c432b0c84c29b28baf7f95db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82786122c432b0c84c29b28baf7f95db_JaffaCakes118
Size

68KB
MD5

82786122c432b0c84c29b28baf7f95db
SHA1

98de857ccae9697e4a71fc63768e9a1fd289fd5d
SHA256

0932675c38c90cfe69bac83a79d2c7ed57d6de0dcb5747317899f70a2abd7294
SHA512

1e5e3b9d8b5f900a7bea50d8ff286f8014330ae710bcbaa0ca149f3b53749d88a5749117be4be76f513ab9a1455596d13ee67924fbf353a357eaac5c3b78049d
SSDEEP

1536:OEDUizO/oDEyup61H/oQBGW4bnBfPTRWHhvU+r7yHYbJ:5DUizMo1upYwQIcHhsDC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82786122c432b0c84c29b28baf7f95db_JaffaCakes118

Files

82786122c432b0c84c29b28baf7f95db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eb6c1d68e03e33d234fcbe78c2d81554

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\kgPHYilQuu\entauQOuvbvn\lmIXwxF.pdb

Imports

shlwapi

PathIsUNCW

comdlg32

PrintDlgExW
CommDlgExtendedError
ReplaceTextW
PageSetupDlgW
GetOpenFileNameW

kernel32

FileTimeToSystemTime
CloseHandle
CopyFileA
LoadLibraryW
CreateNamedPipeA
IsBadCodePtr
TransactNamedPipe
SetFilePointer
lstrlenW
SleepEx
EnumResourceTypesA
FindNextFileW
GetShortPathNameA
lstrcatW
FindFirstFileA
FindResourceExW
SizeofResource
GetFileInformationByHandle
GetLongPathNameW
GetUserDefaultLCID
GetModuleFileNameA
VerifyVersionInfoW
GetModuleFileNameW
GetExitCodeThread
GlobalReAlloc
SetEvent
WaitCommEvent
FormatMessageA
FreeLibrary
EnumResourceNamesW
SetMailslotInfo
LocalReAlloc
EscapeCommFunction
SetEndOfFile
CreateFileMappingW
LockFile
lstrcmpW
ReleaseMutex
SetupComm
GetUserDefaultUILanguage
SetThreadContext
CreateThread
SetThreadPriority
DisconnectNamedPipe
SetErrorMode
GetCommConfig
GetFileType
HeapFree
GetVersionExA
lstrcpyW
GetSystemDirectoryA
RegisterWaitForSingleObject
WaitForSingleObject
SetHandleCount
SetFileTime
GetSystemTimeAdjustment

msvcrt

strcpy
exit
strerror
fgets
_controlfp
atol
isdigit
srand
wcscpy
strrchr
fwrite
bsearch
iswspace
realloc
__set_app_type
__p__fmode
sprintf
setlocale
setvbuf
wcschr
iswxdigit
__p__commode
swprintf
strncmp
strspn
wcstoul
_amsg_exit
_initterm
isprint
rand
system
iswctype
_ismbblead
puts
fflush
_XcptFilter
fputs
islower
_exit
_cexit
wcsrchr
wcstok
memset
__setusermatherr
vswprintf
calloc
__getmainargs
isalpha

user32

GetClientRect
ReplyMessage
LoadIconW
SetMenuItemInfoW
GetFocus
SendDlgItemMessageW
DrawIcon
GetUpdateRect
SetMenuDefaultItem
GetActiveWindow
ExitWindowsEx
InSendMessage
GrayStringW
WindowFromPoint
SetActiveWindow
SetScrollRange
SetSysColors
SendMessageW
GetUserObjectInformationW
SetParent
DragObject
OemToCharBuffA
SetDlgItemTextA
HiliteMenuItem
AppendMenuA
GetScrollInfo
IsDialogMessageW
FindWindowW
CharNextA
LoadMenuW
RemoveMenu
AppendMenuW
IsWindowVisible
GetClassInfoExW
GetMenuItemRect
DialogBoxParamW
GetDlgItem
MapDialogRect
OpenInputDesktop
HideCaret
GetForegroundWindow
ShowOwnedPopups
ValidateRect
SetFocus
SendNotifyMessageW
InSendMessageEx
BeginPaint
AdjustWindowRectEx
PostThreadMessageW
SetScrollPos
GetMessageW
SetCaretPos
TranslateMessage
GetMessageA
AttachThreadInput
InvalidateRgn
OemToCharA
AllowSetForegroundWindow
ClipCursor
GetWindowTextLengthW
MonitorFromRect
GetMonitorInfoW
DrawFrameControl
CharLowerBuffW
GetShellWindow
KillTimer
DrawIconEx
DestroyWindow
CharNextW
GetMessagePos
ShowScrollBar
InsertMenuA
IsCharAlphaA
ScreenToClient
SetRectEmpty
CheckDlgButton
GetAsyncKeyState
CharPrevA
ShowCursor
GetKeyboardType
FillRect
GetSysColor
CheckMenuItem
GetDC
IsMenu
ShowWindowAsync
ReleaseDC
TrackPopupMenu
SetLastErrorEx
CheckRadioButton
SetCursorPos
SetWindowPlacement
GetScrollPos
RegisterClassExA
mouse_event
FindWindowExA
GetPropW
CreateMenu
GetKeyNameTextW
ActivateKeyboardLayout
InternalGetWindowText
wvsprintfA
InsertMenuItemW
ModifyMenuW
DialogBoxIndirectParamW
SetMenuItemBitmaps
GetClassLongA
SendDlgItemMessageA
wsprintfA
SystemParametersInfoW
CreateCursor
RegisterClassW
GetMenuItemInfoW
ScrollWindow
GetClassNameW
GetClassInfoW
GetMenu
SetScrollInfo
GetWindowLongW
GetTopWindow
CreateDialogParamA
LoadStringW

Exports

Exports

?CalculateStringCapacity@@YGKDDPAX:O

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dati
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.date
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.char
Size: 1024B - Virtual size: 559B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.align
Size: - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb6c1d68e03e33d234fcbe78c2d81554

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comdlg32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.dati Size: 6KB - Virtual size: 5KB

.date Size: 512B - Virtual size: 99B

.char Size: 1024B - Virtual size: 559B

.odata Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 2KB

.align Size: - Virtual size: 119KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 2KB - Virtual size: 30KB

.text
Size: 9KB - Virtual size: 8KB

.dati
Size: 6KB - Virtual size: 5KB

.date
Size: 512B - Virtual size: 99B

.char
Size: 1024B - Virtual size: 559B

.odata
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 2KB

.align
Size: - Virtual size: 119KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 2KB - Virtual size: 30KB