84a335e49f5c7b640a7490dce9af5ea3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84a335e49f5c7b640a7490dce9af5ea3_JaffaCakes118
Size

201KB
MD5

84a335e49f5c7b640a7490dce9af5ea3
SHA1

c39a44f589de633f514fa909f4a0572b876f34c3
SHA256

7a81f1fbbd9c121ede96a91bd0af31f1037965dd178b7f760363b705c457c470
SHA512

9ebfac482bca63050c0d77740977bfda402c739e836782f90ccf45170ea9b2299cd3d810547f2483001553bba70e8cb45c7d885634e42ec8eb608d57265ae731
SSDEEP

3072:8U3kcvrM//H7SKidDb/LxhPJlgBfX/dkl73vIdZqQIeNmVB3xh1oWY/tzd0FhKN:8ZX7fyTJl6dkl7fIdZqQIeAB6WOfK2r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84a335e49f5c7b640a7490dce9af5ea3_JaffaCakes118

Files

84a335e49f5c7b640a7490dce9af5ea3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a1c7b263480195264b280aef644525f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\OxFhccsv\VsKmUeGX\RWhfrsnOuW\vJrcjdh\pAohJkBbyuH.pdb

Imports

gdi32

SetBitmapDimensionEx
GetRgnBox
CreateFontIndirectA
AddFontResourceW
GetTextMetricsW
ScaleViewportExtEx
SelectPalette
SetWindowExtEx
SetTextColor
CreateDCW
StartPage
GetNearestPaletteIndex
RectVisible
GetBkMode
GetTextExtentPoint32W
SetBkColor
SetROP2
GetStockObject

kernel32

GetOEMCP
GlobalAddAtomW
GetCommModemStatus
SleepEx
CreateFileA
CompareStringW
FindNextChangeNotification
GetCurrentThreadId
ResumeThread
DeleteFileW
UnhandledExceptionFilter
RemoveDirectoryA
GlobalSize
CreateSemaphoreW
IsValidLocale
SetEndOfFile
InitializeCriticalSection
GetCurrentThread
lstrcmpiA
VerSetConditionMask

user32

GetWindowTextA
LockWindowUpdate
CheckDlgButton
LoadAcceleratorsA
CharUpperBuffW
MapDialogRect
ExitWindowsEx
IsCharAlphaW
SetScrollInfo
CharNextA
AttachThreadInput
SetActiveWindow
BeginDeferWindowPos
GetClassInfoA
SetWindowPos
PeekMessageA
wvsprintfW
GetSubMenu
GetKeyboardType
GetUserObjectInformationA
GetFocus
AdjustWindowRect
GetClassLongW
DefWindowProcA
LoadBitmapA
CopyAcceleratorTableW
HiliteMenuItem
CreateWindowExA
ShowCaret
AllowSetForegroundWindow
GetWindowDC
MonitorFromRect
MapVirtualKeyW
SetRectEmpty
DrawEdge
IsDialogMessageW
SetMenu
TranslateAcceleratorA
GetMenuState
CreatePopupMenu
IsWindowVisible
ShowScrollBar
GetMessagePos
SwitchToThisWindow

msvcrt

_controlfp
__set_app_type
__p__fmode
toupper
wcstoul
strtok
__p__commode
_amsg_exit
time
isdigit
qsort
fwrite
isalnum
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
fread
_exit
_cexit
__setusermatherr
mbtowc
__getmainargs
srand

shlwapi

StrNCatA

comdlg32

FindTextW
PrintDlgExW

Exports

Exports

?PutObjectW@@YGPAE_NI_NF*Z
?PutPoint@@YGPADPAJKH*Z
?GetMediaType@@YGPAXIK*Z
?DecrementAnchorExA@@YGFHPAK*Z
?GenerateFullNameA@@YGPAFDPAHPAKF*Z
?EnumDataNew@@YGPAEPADDPAKPAE*Z
?InstallFolderPathNew@@YGJIKDPAG*Z
?ModifyWindowOriginal@@YGDJPAK*Z
?CallAppNameOriginal@@YGFM*Z
?LoadSizeOld@@YGHIH*Z
?RtlProfileNew@@YGEJ*Z
?CallHeaderW@@YGPAD_NPAMPADK*Z
?HideFolderPathA@@YGXFN_N*Z
?RemovePoint@@YGXEM*Z
?CloseMemoryEx@@YGJJMPAK*Z
?DecrementTimeA@@YGPAIJ*Z
?CancelHeightA@@YGPA_NPAIPAG*Z
?RemoveNameA@@YGKMPAKEG*Z
?DecrementProjectOld@@YGDFPAN*Z
?ModifyVersionA@@YGPAXPAFPAG*Z

Sections

.text
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idir
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edir
Size: 1024B - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdir
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1c7b263480195264b280aef644525f6

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

msvcrt

shlwapi

comdlg32

Exports

Exports

Sections

.text Size: 171KB - Virtual size: 171KB

.itext Size: 512B - Virtual size: 464B

.idir Size: 2KB - Virtual size: 2KB

.edir Size: 1024B - Virtual size: 839B

.vdir Size: 512B - Virtual size: 140B

.data Size: 2KB - Virtual size: 70KB

.pdir Size: 512B - Virtual size: 140B

.sdir Size: 13KB - Virtual size: 13KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 171KB - Virtual size: 171KB

.itext
Size: 512B - Virtual size: 464B

.idir
Size: 2KB - Virtual size: 2KB

.edir
Size: 1024B - Virtual size: 839B

.vdir
Size: 512B - Virtual size: 140B

.data
Size: 2KB - Virtual size: 70KB

.pdir
Size: 512B - Virtual size: 140B

.sdir
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB