85c630ea94f575a0e7b9a4484ac3d925_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85c630ea94f575a0e7b9a4484ac3d925_JaffaCakes118
Size

163KB
MD5

85c630ea94f575a0e7b9a4484ac3d925
SHA1

a23e03c7cc835c5b7019beb1d4b9a40aaf4ef692
SHA256

2f7341429f425b999e4aa2a950b226c82af7d76665adf97bcbe8c397a43eab65
SHA512

4ffbc22c5a58bb8e93013981fc297820b38bf4310df4bf5db0600a779eecca7885dd95bcffe1b56019e179cc53498530a71b38e600632c251ec91b193e0a46f3
SSDEEP

3072:NWXsF3kq6bJ2daQLN4hJ5THgtmAetVZpwiNbriktCUgGXyLfH7bafNWfZiY8f0Jf:HFU9hWqngdezwAMGXUP6fNWhE0l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85c630ea94f575a0e7b9a4484ac3d925_JaffaCakes118

Files

85c630ea94f575a0e7b9a4484ac3d925_JaffaCakes118
.exe windows:5 windows x86 arch:x86

669d3f46ef5e04aec5a5534fa533a78d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\OJtixxoPkg\oIlaayovgmTkV\cBggBmc\vciDDQTAAdzlkf\tgyTjvha.pdb

Imports

comctl32

CreatePropertySheetPageA
ImageList_Write
ImageList_Destroy
PropertySheetA
ImageList_Draw
CreateToolbarEx

user32

PostMessageA
GetDC
DragObject
GetKeyboardLayoutNameW
BeginPaint
SetUserObjectInformationW
SetWindowLongA
ShowScrollBar
SetScrollInfo
GetWindowRect
wvsprintfW
OpenInputDesktop
LoadMenuA
InflateRect
PostQuitMessage
ShowWindow
FindWindowA
TranslateAcceleratorW
GetUpdateRgn
LoadIconW
DrawFocusRect
SetMenu
PostMessageW
IsCharAlphaW
GetDoubleClickTime
GetMessageA
GetDlgItemTextW
LoadMenuW
DrawFrameControl
GetScrollInfo
DestroyWindow
wsprintfW
GetWindow
SystemParametersInfoA
GetDlgCtrlID
OpenIcon
CharLowerBuffW
PostThreadMessageA
LoadAcceleratorsA
SetLastErrorEx
GetClipCursor
LoadCursorW
RegisterWindowMessageA
GetNextDlgGroupItem
GetMenuStringW
MonitorFromRect
SetMenuItemBitmaps
GetUserObjectInformationW
ShowCursor
SendInput
DrawMenuBar
SystemParametersInfoW
DefFrameProcW
GetWindowTextW
SetActiveWindow
DrawTextA
SetDlgItemInt
BringWindowToTop
GetMenuItemInfoW
ShowCaret
RegisterClassExW
CheckDlgButton
CharLowerA
SetWindowLongW
ShowWindowAsync
SetRectEmpty
CharNextExA
CreateIconFromResource
ModifyMenuW
CharUpperBuffW
ToUnicodeEx
PeekMessageA
GetSysColorBrush
ArrangeIconicWindows
InSendMessageEx
GetClassInfoW
DestroyCaret
DefDlgProcW
CharNextW
TabbedTextOutW
DrawAnimatedRects
GetMenuItemID
GetSysColor
ClientToScreen
LoadAcceleratorsW
CallWindowProcW
DestroyCursor
LoadBitmapW
PostThreadMessageW
EnableScrollBar
TranslateMessage
EnableMenuItem
CopyRect
SendMessageW
mouse_event
ExitWindowsEx
ChangeMenuW
CreateAcceleratorTableW
SendMessageTimeoutW
DialogBoxIndirectParamA
LockWindowUpdate
GetClassInfoA
GetClassLongW
MoveWindow
IsWindow
GrayStringW
GetLastActivePopup
VkKeyScanW
FindWindowW
MapVirtualKeyExW
LoadBitmapA
MapWindowPoints
CreateWindowExW
LoadImageW
GetClassInfoExA
wsprintfA
GetMenuStringA
keybd_event

kernel32

CreateNamedPipeA
GetComputerNameExA
LocalUnlock
DisconnectNamedPipe
GlobalSize
GetFileAttributesExA
CreateWaitableTimerW
LoadLibraryA
VirtualAlloc
GetVersionExA
GetSystemDirectoryA
CopyFileW
lstrlenW
GetStdHandle
SystemTimeToFileTime
LockResource
FindCloseChangeNotification
LoadLibraryExW
MapViewOfFile
lstrcmpiW
CreateWaitableTimerA
FindClose
lstrcpynW
CreateSemaphoreW
ReleaseSemaphore
WinExec
SetCommState
LocalAlloc
GlobalFree
FileTimeToLocalFileTime
SetUnhandledExceptionFilter
SetFilePointer
FormatMessageW
AddAtomW
GetTempFileNameW
SetWaitableTimer
GetModuleFileNameA
SizeofResource
CompareStringA
GetComputerNameW
LocalFree
VirtualProtect
FlushFileBuffers
EscapeCommFunction
lstrcmpA
lstrcpyA
IsValidLanguageGroup
GetAtomNameA
CreateFileW
GetShortPathNameA
WaitForSingleObject
WaitForMultipleObjects

msvcrt

wcscoll
getenv
strpbrk
system
setvbuf
wcstoul
vsprintf
printf
swscanf
fgets
exit
_controlfp
mbstowcs
__set_app_type
swprintf
floor
tolower
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
gmtime
wcstombs
isdigit
fwrite
wcstol
mktime
atoi
ungetc
isspace
clearerr
islower
_XcptFilter
getc
_exit
_cexit
__setusermatherr
__getmainargs
fread
fgetc
strspn
toupper
gets
strchr
fflush
strcpy

comdlg32

ChooseFontW
FindTextW
ChooseColorW
GetFileTitleW
PageSetupDlgW
PrintDlgW

Exports

Exports

?GetShiftAltInfo@@YGK_KHE:O

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erts
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 1024B - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

669d3f46ef5e04aec5a5534fa533a78d

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

msvcrt

comdlg32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.init Size: 6KB - Virtual size: 5KB

.erts Size: 512B - Virtual size: 86B

.wall Size: 1024B - Virtual size: 258KB

.info Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.udata Size: 139KB - Virtual size: 138KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.init
Size: 6KB - Virtual size: 5KB

.erts
Size: 512B - Virtual size: 86B

.wall
Size: 1024B - Virtual size: 258KB

.info
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.udata
Size: 139KB - Virtual size: 138KB

.reloc
Size: 1KB - Virtual size: 1KB