87085a317d3eefa0c80b12da00e2886e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87085a317d3eefa0c80b12da00e2886e_JaffaCakes118
Size

200KB
MD5

87085a317d3eefa0c80b12da00e2886e
SHA1

675652edd4e13144311809e266e97672764f3a6a
SHA256

40dc964e4a05adebf8e3154c3430dacaee1302fd33954e00649fdf1abca8cb14
SHA512

7273e7c193374e6bb2108c3cca8b28d0526dc8a20799e44412a4100956c0aecedf7ed2961d0fa2934bd47fe802d688184050a10659d30b3928fe92289625fdd8
SSDEEP

3072:1XuDvqPh9gSejl5MVfRL/iyWxVipQFbcqcwSc09RNSKo3GwT99+37168e:1+DGKjMfpgxVie22SDL/oW099+LA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87085a317d3eefa0c80b12da00e2886e_JaffaCakes118

Files

87085a317d3eefa0c80b12da00e2886e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e3abba5202dfb60abebd2c492881c50e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\zbZfsOpz\exDzbNy\MbTuxdtfCw.pdb

Imports

comdlg32

ReplaceTextW
GetSaveFileNameW
PageSetupDlgW
ChooseFontW

msvcrt

floor
isupper
_controlfp
vsprintf
strncmp
isalpha
__set_app_type
isspace
puts
wcschr
strncpy
free
islower
fclose
time
__p__fmode
gmtime
__p__commode
strtoul
strtol
towupper
localtime
_amsg_exit
wcscspn
strpbrk
getc
_initterm
_acmdln
strerror
exit
getenv
_ismbblead
_XcptFilter
_exit
_cexit
iswctype
fwrite
vswprintf
__setusermatherr
strrchr
wcscmp
rand
gets
ungetc
fputs
iswalpha
strspn
__getmainargs
mktime

gdi32

SetPixel
MoveToEx
CreateBrushIndirect
GetBkMode
GetCurrentObject
SetStretchBltMode
SelectPalette
CreateFontIndirectA
CreateHalftonePalette
TextOutW
CreateDIBitmap
CombineRgn
GetTextMetricsW
Rectangle
ScaleWindowExtEx
GetTextExtentPointA
RestoreDC
GetMapMode
SetDIBitsToDevice
StartDocW
ScaleViewportExtEx
GetNearestColor
StretchBlt
PolyBezier
CreateICW
Escape
GetStockObject
RealizePalette
OffsetViewportOrgEx
OffsetRgn
GetSystemPaletteUse
IntersectClipRect
LineTo
GetCharWidth32W
CreateDIBSection
RemoveFontResourceW
CreateBitmapIndirect
SetBitmapBits
GetViewportOrgEx
RectInRegion
CreatePenIndirect
SetDIBColorTable
GetTextAlign
RectVisible
GetPixel
FillRgn
CreateFontIndirectW
DeleteDC

user32

DrawAnimatedRects
EnumChildWindows
DrawTextA
GetClassLongA
CreateCaret
OffsetRect
SetDlgItemTextW
GetMessageW
RegisterClassExW
CharUpperBuffA
SetLastErrorEx
DrawFocusRect
TranslateAcceleratorW
CreateIconIndirect
BeginDeferWindowPos
LoadImageW
RemovePropW
GetKeyboardLayoutNameW
GetKeyboardType
CheckMenuRadioItem
GetDoubleClickTime
SetMenuItemBitmaps
ActivateKeyboardLayout
EnumWindows
MessageBoxExW
CharLowerW
RegisterClassExA
SetMenuDefaultItem
LoadImageA
LoadBitmapW
DeferWindowPos
IsDialogMessageA
GetFocus
GetTopWindow
KillTimer
GetClassInfoW
GetSysColorBrush
GetNextDlgTabItem
CreateDialogIndirectParamW
DrawStateA
CharNextA
SetWindowLongA
FindWindowExA
AppendMenuA
InflateRect
LoadStringW
LoadIconW
SetWindowRgn
IsDialogMessageW
SetCaretPos
HiliteMenuItem
GetDC
ReplyMessage
GetActiveWindow
mouse_event
DrawIcon
IsCharUpperA
SetWindowTextA
InvertRect
GetMenuItemRect
GetNextDlgGroupItem
GetKeyState
GetMenuItemInfoW
GetUpdateRect
UpdateWindow
RegisterWindowMessageW
FillRect
SendMessageTimeoutA
CharPrevA
CharLowerBuffW
wvsprintfA
GetClassLongW
AppendMenuW
TrackPopupMenuEx
SendMessageTimeoutW
SetRectEmpty
RegisterClassW
CheckRadioButton
TileWindows
DefFrameProcA
WaitForInputIdle
TranslateAcceleratorA
OpenDesktopW
MapDialogRect
GetWindowDC
ScrollWindowEx
PostQuitMessage
TranslateMessage
CloseDesktop
ChangeMenuW
GetDialogBaseUnits
GetClipCursor
GetParent
InsertMenuW
GetWindowRect
GetClientRect
DrawStateW
CreateIconFromResource
GetPropW
PostThreadMessageW
GetAltTabInfoW
EnableWindow
DispatchMessageA
DrawTextW
CopyRect
CharToOemBuffA
InternalGetWindowText
ChildWindowFromPointEx
GetClassInfoA
GetMenuStringA
MapWindowPoints
keybd_event
DialogBoxParamA
PeekMessageA
ShowWindowAsync
MoveWindow
MapVirtualKeyExW
SetScrollPos
BringWindowToTop

kernel32

CreateEventW
GetFullPathNameW
GetComputerNameW
EnumResourceLanguagesA
LCMapStringW
SetHandleCount
GetComputerNameA
TlsSetValue
GlobalHandle
CancelWaitableTimer
UnmapViewOfFile
OpenFileMappingW
LoadResource
HeapSize
FindResourceExA
SetFileTime
LocalAlloc
SetErrorMode
GetSystemWindowsDirectoryA
CreateThread
GlobalFlags
GlobalFindAtomW
GetShortPathNameW
GetModuleFileNameW
GetExitCodeThread
LoadLibraryA
CreateMailslotW
GetSystemDefaultUILanguage
DeviceIoControl
GetCommandLineA
GlobalFree
SetSystemTimeAdjustment
GlobalDeleteAtom
lstrcmpA
DeleteFileW
OpenFileMappingA
SetThreadPriority
GetAtomNameA
QueryDosDeviceW
AddAtomA
MoveFileA
lstrcatW
EnterCriticalSection
SetWaitableTimer
SetThreadAffinityMask
CloseHandle
SizeofResource
FindNextFileW
GetTickCount
InitializeCriticalSection
DefineDosDeviceW
LoadLibraryW
GlobalAddAtomA
GetModuleHandleA

comctl32

PropertySheetA
ImageList_Write
InitCommonControlsEx
ImageList_ReplaceIcon
CreatePropertySheetPageW
ImageList_LoadImageW

Exports

Exports

?CloseTime@@YGPAFJPADPAM]A
?BitCounterArrayIdeDunAs@@YGKGE@Z
?SetDirectoryW@@YGMDD]A

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3abba5202dfb60abebd2c492881c50e

Headers

File Characteristics

PDB Paths

Imports

comdlg32

msvcrt

gdi32

user32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 189KB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 189KB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 1KB - Virtual size: 1KB