88f68534cbcbfed3299cdc930fab9da3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

88f68534cbcbfed3299cdc930fab9da3_JaffaCakes118
Size

80KB
MD5

88f68534cbcbfed3299cdc930fab9da3
SHA1

220c45eeb3d701686d52c520ce3935afb74dcb15
SHA256

a9d77b271de4b1445c6ae22ed96febce5b37d75338e700168fd8605d4d0b08e6
SHA512

578a17a8e8f08ccd7fd3647a992952ca52f35a6d0ebb524039cb43a32978616722739a289b83981cabd4f065d5461b987d9c3986273eaea21e19d72d9d3792ee
SSDEEP

1536:I9wOOfUkwe3fkHOihi0A0Tl9hpK/ijJKEUi72vbIQ:IeOOfhwevGJFvlb7D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88f68534cbcbfed3299cdc930fab9da3_JaffaCakes118

Files

88f68534cbcbfed3299cdc930fab9da3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

05eb304f9848bdb1748c8168d8649914

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\ClZjsjUGovcL\yWqglMgghlf\surPcgCq\QcxaoskqJwys.pdb

Imports

shlwapi

StrToIntExA
StrCatBuffA

kernel32

GetVersionExW
GetFileInformationByHandle
DisconnectNamedPipe
GetSystemTimeAsFileTime
CreateEventA
SetSystemTime
SleepEx
SetCommState
LoadLibraryW
CreateMailslotW
GetVersion
GetModuleHandleW
lstrlenA
GetAtomNameW
FileTimeToDosDateTime
GlobalLock
MulDiv
GetModuleHandleA
GetModuleFileNameW
CreateSemaphoreW
WaitCommEvent
HeapLock
GetTempFileNameA

user32

GetSystemMenu
GetForegroundWindow
GetTopWindow
GetScrollRange
SendInput
DrawTextW
LoadAcceleratorsA
mouse_event
GetUserObjectInformationA
LoadCursorW
AllowSetForegroundWindow
wvsprintfA
ClientToScreen
LoadIconA
GetKeyState
LoadIconW
DispatchMessageW
wsprintfW
SwitchToThisWindow
ExitWindowsEx
SendMessageW
ChildWindowFromPointEx
WaitForInputIdle
IntersectRect
GetScrollPos
InsertMenuW
GetSysColorBrush
LookupIconIdFromDirectory
LockWindowUpdate
SetScrollRange
SetDlgItemTextW
OpenIcon
CallWindowProcW
RegisterClassExW
ShowCaret
InvertRect
CheckMenuItem
GetUserObjectInformationW
SetTimer
LoadBitmapA
OpenInputDesktop
LoadMenuW
FindWindowExW
PostMessageA
CreateCaret

gdi32

DPtoLP
GetRgnBox
ExcludeClipRect
GetTextExtentPoint32A
GetWindowOrgEx
StartDocW
UnrealizeObject
TextOutA
SetPixel
SetBrushOrgEx
GetTextCharsetInfo
Escape
SetWindowExtEx
CreateFontIndirectW
RemoveFontResourceW
CreateBrushIndirect
SetDIBColorTable
StretchBlt
CombineRgn

msvcrt

wcschr
fread
_controlfp
srand
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
system
_acmdln
exit
_ismbblead
wcstoul
_XcptFilter
_exit
_cexit
iswxdigit
localtime
__setusermatherr
fgetc
wcscoll
puts
setlocale
toupper
__getmainargs
bsearch

Exports

Exports

?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?GlobalModuleEx@@YGPAKIJH~U
?PutMonitorOld@@YGXM~U
?GetComponentExA@@YGXPA_N~U

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kip
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 512B - Virtual size: 305B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05eb304f9848bdb1748c8168d8649914

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.ticx Size: 2KB - Virtual size: 2KB

.kip Size: 1024B - Virtual size: 516B

.ticy Size: 512B - Virtual size: 305B

.zdata Size: 512B - Virtual size: 232B

.data Size: 2KB - Virtual size: 2KB

.heap Size: - Virtual size: 44KB

.rsrc Size: 50KB - Virtual size: 50KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.ticx
Size: 2KB - Virtual size: 2KB

.kip
Size: 1024B - Virtual size: 516B

.ticy
Size: 512B - Virtual size: 305B

.zdata
Size: 512B - Virtual size: 232B

.data
Size: 2KB - Virtual size: 2KB

.heap
Size: - Virtual size: 44KB

.rsrc
Size: 50KB - Virtual size: 50KB

.reloc
Size: 1KB - Virtual size: 1KB