8477a924ecc052d49ea60bc291366772_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8477a924ecc052d49ea60bc291366772_JaffaCakes118
Size

41KB
MD5

8477a924ecc052d49ea60bc291366772
SHA1

1f72f4985ccba184bdac3ffbbf47d2fcd236d3b8
SHA256

97d490c2998f56a64c6e5bebc10b8a066e2f1848313fc1614ad41e1d4c847f49
SHA512

8350954c314f8a675f22d7d11f2bde115ef6e039b9da26d33345b8401d90a4f2f63ae2e491ada10472cd8070e872ec88e5724551fb300204e289cf64a19cd3e3
SSDEEP

768:PXwrw/XWs9nE0zeO6+bPOmsYIBcHuluF5rhGkIGqZB9NANbpdWb9KR1b7bRy:PXh/RE8sRBcYDQpzR1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8477a924ecc052d49ea60bc291366772_JaffaCakes118

Files

8477a924ecc052d49ea60bc291366772_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d6c64fb62c4c9fbf0a736a784447e5f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\gzwkhuymkdDYxe\iqmrRFfktxiZtC\jvlnfvK\ugsonbrYDYQ\VaPVxcHuv.pdb

Imports

shlwapi

UrlIsA

msvcrt

wcsncmp
isdigit
wcschr
strchr
printf
strspn
srand
strtol
_controlfp
__set_app_type
__p__fmode
__p__commode
isupper
qsort
remove
fwrite
ungetc
iswdigit
_amsg_exit
wcscoll
strrchr
_initterm
towupper
mbstowcs
toupper
_ismbblead
_XcptFilter
_exit
iswspace
strstr
_cexit
__setusermatherr
fflush
gets
wcstod
iswctype
__getmainargs
strcspn
calloc
isprint
bsearch
fread
wcspbrk
clock
perror
towlower
free

user32

CharUpperBuffW
GetMenuState
CascadeWindows
IsCharAlphaW
DrawFrameControl
DrawMenuBar
GetAltTabInfoA
TranslateAcceleratorW
MessageBoxA
SetCursor
SetForegroundWindow
DrawStateA
GetSystemMetrics
SetUserObjectInformationW
ExitWindowsEx
GetClassNameW
TrackPopupMenu
OffsetRect
LoadMenuA
CharToOemW
InflateRect
LoadBitmapA
SetMenu
CreateWindowExA
SetLastErrorEx
MonitorFromRect
SetMenuDefaultItem
DrawEdge
GetMenuCheckMarkDimensions
SetFocus
GetNextDlgTabItem
DialogBoxIndirectParamW
UpdateWindow
FindWindowA
GetLastActivePopup
GetDlgItemTextA
SetWindowLongA
KillTimer
IsRectEmpty
MonitorFromPoint
IsIconic
AttachThreadInput
MapVirtualKeyA
GetDlgItem
BeginPaint
ReleaseDC
ScrollWindow
DragObject
SendMessageA
GetDlgItemInt
GetMessageTime
CharLowerBuffW
SetWindowLongW
DestroyCursor
ModifyMenuW
AllowSetForegroundWindow
TranslateMessage
SetActiveWindow
ShowOwnedPopups
GetAsyncKeyState
SwitchToThisWindow
SetCursorPos
ShowWindow
GetClassInfoW
IntersectRect
FindWindowExA
GetWindowTextLengthW
MoveWindow
SetWindowTextW
AdjustWindowRect
CheckMenuItem
DrawAnimatedRects
CheckDlgButton
SetDlgItemTextW
TranslateAcceleratorA
SetTimer
GetUpdateRect
GetWindowLongA
GetKeyboardLayoutList
CheckRadioButton
EqualRect
LoadCursorW
GetKeyboardLayout
DialogBoxParamA
IsCharLowerA
PostMessageA
WindowFromPoint
LoadCursorA
IsWindowVisible
MessageBoxExW
GetScrollPos
GetSysColorBrush
MapVirtualKeyExW
ArrangeIconicWindows
SetClassLongW
SendDlgItemMessageW
SetWindowPos
GetMenuStringW
DefFrameProcW
PeekMessageA
GetMenuItemRect
CreateDialogParamW
FrameRect
mouse_event
InsertMenuW
SendInput
GetClassLongA
ActivateKeyboardLayout
CharUpperW
ChangeMenuW
GetMenuItemInfoW
GetClassLongW
CreateDialogIndirectParamW
SetPropW
GetScrollRange
SetWindowRgn
SendDlgItemMessageA
OemToCharBuffA
ChildWindowFromPointEx
DeleteMenu
PostThreadMessageA
DestroyCaret

kernel32

GetProcessHeap
GetLocaleInfoW
GetThreadContext
AddAtomA
TerminateThread
FindResourceExW
VirtualFree
SetFileAttributesA
GlobalAlloc
GetAtomNameA
GlobalAddAtomW
GetStartupInfoW
LoadLibraryW
SetFileAttributesW
FoldStringW
GetModuleFileNameA
WaitForSingleObject
CreateFileA
SetCurrentDirectoryA
MoveFileW
SetNamedPipeHandleState
OpenFileMappingA
SetThreadContext
HeapLock
GetOEMCP
HeapAlloc
GetFileSize
CreateFileMappingA
GetModuleHandleW
lstrcmpA
GetFileAttributesW
GetFileAttributesExW
HeapSize
HeapFree
UnmapViewOfFile
GetSystemWindowsDirectoryW
lstrcpyA
UnhandledExceptionFilter
ResetEvent
GetComputerNameW
CancelWaitableTimer
CreateDirectoryW
GetComputerNameExA
GetShortPathNameW
SetTimerQueueTimer
GlobalHandle
GetStdHandle
GetThreadPriority
GlobalMemoryStatusEx
HeapCreate
GetFileTime
VirtualAlloc
GetBinaryTypeA
EscapeCommFunction
SetWaitableTimer
GlobalMemoryStatus
QueryPerformanceCounter
ClearCommError
EnumSystemLocalesA

Exports

Exports

?BinaryRedirectNetDYuyhDBH@@YGKGE[D

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6c64fb62c4c9fbf0a736a784447e5f8

Headers

File Characteristics

PDB Paths

Imports

shlwapi

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 1KB - Virtual size: 1KB