84d798e4e77a4610a3d900d899b37815_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84d798e4e77a4610a3d900d899b37815_JaffaCakes118
Size

176KB
MD5

84d798e4e77a4610a3d900d899b37815
SHA1

1459774727a4eab6a5c01e2e9fbdc1ba32e3366f
SHA256

db1f0ee97521ee2cd17dcac3e646431eabb20afc8b13ec2e7a8e8ac2e94dfddd
SHA512

97854bda979b871b958806c53eea401f83f3e1fc2a1c83b34cf6744d063e57dab0dde70c512c586b0f0bdca0961c1e3c5ae079fb8ff84397c183ff8e712d8b64
SSDEEP

3072:lDQz+gf+HFmUDV/kQOgI2unzbD8hobdrexbUbQ1Uj9w+:F2+PkQvI2unohU2YbS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84d798e4e77a4610a3d900d899b37815_JaffaCakes118

Files

84d798e4e77a4610a3d900d899b37815_JaffaCakes118
.exe windows:5 windows x86 arch:x86

10fe678203c5785b60779be98cb53c48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\hEtizhunguc\yMehnkgmuqkY\srraooIC\AFmifkDgtdiUi\WSCbCHny.pdb

Imports

shlwapi

UrlGetPartA

kernel32

FindFirstChangeNotificationW
GetVersion
SetTimerQueueTimer
lstrcmpW
SetCommMask
GetPriorityClass
GetTimeZoneInformation
GlobalMemoryStatusEx
OpenFileMappingW
CreateSemaphoreW
OpenFileMappingA
MoveFileExW
OpenSemaphoreW
EnumResourceNamesA
MoveFileW
GlobalGetAtomNameA
GetModuleFileNameW
GetOEMCP
GetCurrentDirectoryW
GetStartupInfoW
CompareStringW
GetShortPathNameW
SleepEx
QueryPerformanceCounter
WaitForMultipleObjects
WaitForSingleObject
CreateFileMappingW
CreateFileW
GetFileSize
InitializeCriticalSection
lstrcpyW
GetModuleHandleA
RaiseException
GetStringTypeExW
LeaveCriticalSection
IsDBCSLeadByte
GetModuleFileNameA
GetFileType
GlobalMemoryStatus
GetWindowsDirectoryA
ReadFile
FormatMessageW
SetErrorMode
VerifyVersionInfoW
VerSetConditionMask
GetTempFileNameA
GetTempFileNameW
GetLastError
GlobalUnlock
FindFirstFileW
FileTimeToSystemTime
GetLocaleInfoW
ReleaseMutex
GlobalGetAtomNameW
SetCurrentDirectoryW

comdlg32

GetSaveFileNameW
CommDlgExtendedError
ReplaceTextW
GetSaveFileNameA

msvcrt

strncmp
realloc
_controlfp
fflush
iswctype
ftell
clock
__set_app_type
setvbuf
strrchr
atoi
strncpy
perror
fputs
__p__fmode
free
__p__commode
_amsg_exit
fgetc
strtoul
_initterm
localtime
wcstok
strcpy
clearerr
ungetc
bsearch
wcscoll
_ismbblead
sprintf
remove
_XcptFilter
fgets
isalpha
strcspn
_exit
towupper
wcstol
floor
getenv
puts
exit
_cexit
__setusermatherr
isprint
srand
__getmainargs

user32

GetKeyboardLayoutNameW
FindWindowW
LoadAcceleratorsW
GetScrollRange
UnloadKeyboardLayout
ShowWindow
DialogBoxParamW
FillRect
InsertMenuItemW
SetScrollInfo
SetWindowPos
IntersectRect
SetScrollPos
IsCharUpperA
SetDlgItemTextW
IsWindowEnabled
GetWindowTextW
InSendMessage
GetKeyNameTextW
CreatePopupMenu
PeekMessageA
PostQuitMessage
SetMenuItemBitmaps
CharUpperBuffW
LoadCursorA
PostMessageW
SetSysColors
ChildWindowFromPointEx
GetWindowLongW
ToUnicodeEx
CreateDialogParamW
DispatchMessageA
AttachThreadInput
RemovePropW
SendNotifyMessageW
GetCursorPos
SetForegroundWindow
DestroyWindow
DestroyAcceleratorTable
CharNextA
GetNextDlgGroupItem
DefWindowProcA
ActivateKeyboardLayout
GetUpdateRgn
RegisterWindowMessageA
GetSysColor
BeginPaint
IsCharAlphaA
CreateIconFromResource
GetForegroundWindow
GetClassInfoA
CreateWindowExW
GetMenuItemID
CharNextW
BeginDeferWindowPos
GetDCEx
IsWindowVisible
PostThreadMessageA
SetClassLongW
InvertRect
KillTimer
PostMessageA
OpenInputDesktop
CopyAcceleratorTableW
GetClassInfoExA
InsertMenuA
OemToCharA
RegisterClassW
SetDlgItemInt
LoadBitmapA
SetScrollRange
LoadStringW
EqualRect
DrawStateW
SetTimer
DestroyCursor
wvsprintfA
GrayStringW
GetKeyState
MapVirtualKeyExW
ValidateRect
SystemParametersInfoA
EnableWindow
DefDlgProcA
IsZoomed
LoadIconA
GetSystemMenu
CharUpperA
SetParent
GetKeyboardLayout
LoadMenuW
SetWindowTextA
GetWindowLongA
ExitWindowsEx
CreateCursor
MapWindowPoints
CopyImage
wsprintfW
SetRect
DialogBoxIndirectParamA
GetScrollPos
GetPropW
SetWindowLongW
TranslateMessage
keybd_event
DrawTextExW
CreateMenu
GetSystemMetrics
InvalidateRect
ShowCursor
CheckDlgButton
CharUpperBuffA
LoadStringA
SetFocus
SetWindowTextW
DrawEdge
GetMenuItemRect
ScreenToClient
GetMessagePos
IsCharAlphaNumericW
DeferWindowPos
GetDlgItem
DialogBoxParamA

Exports

Exports

?RedirectOutputMsg@@YGKPBDDKPAX:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cexp
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.regs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.citab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$dbug
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lime
Size: 512B - Virtual size: 333B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10fe678203c5785b60779be98cb53c48

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

comdlg32

msvcrt

user32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.cexp Size: 512B - Virtual size: 95B

.regs Size: 1KB - Virtual size: 1KB

.citab Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 184KB

.$dbug Size: 512B - Virtual size: 116B

.lime Size: 512B - Virtual size: 333B

.tdat Size: 1KB - Virtual size: 1KB

.rsrc Size: 141KB - Virtual size: 140KB

.text
Size: 22KB - Virtual size: 21KB

.cexp
Size: 512B - Virtual size: 95B

.regs
Size: 1KB - Virtual size: 1KB

.citab
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 184KB

.$dbug
Size: 512B - Virtual size: 116B

.lime
Size: 512B - Virtual size: 333B

.tdat
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 141KB - Virtual size: 140KB