8974e39f7141caa07b5d7ee354f1e445_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8974e39f7141caa07b5d7ee354f1e445_JaffaCakes118
Size

171KB
MD5

8974e39f7141caa07b5d7ee354f1e445
SHA1

4f656fe61328a40515a767974027b7b979a6e3e7
SHA256

07368d6186d64879b7964d37479a0ab7c5976aece05a282d4aa0c39170f90103
SHA512

70feac8ffb2fb2b22ba0488aae37b4708da1c837708e16d39366a0b61bbbaedb0d5fc7132eca5c936b383db5454541fb1d3dfb266619ac726d20780754c59098
SSDEEP

3072:3u+uV5EVpzM8iu25q2lep6dSe+Yb5l4fLcPHcjE5HIVrf8q8ahhKXI:gwzzVtSq2IWVFXg+HnHkr0qlqXI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8974e39f7141caa07b5d7ee354f1e445_JaffaCakes118

Files

8974e39f7141caa07b5d7ee354f1e445_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7b28b8e4471666c9967783bf0d4024c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\mhyzTkn\ybzrLqei\psigLMXw\nmtIQjtscTy.pdb

Imports

user32

GetMenu
RegisterHotKey
BeginDeferWindowPos
OffsetRect
SetActiveWindow
GetUpdateRect
GetFocus
GetKeyNameTextW
GetWindowPlacement
SetWindowPlacement
SetRect
GetCursorPos
SetCursor
IsDialogMessageW
HiliteMenuItem
GetDlgItemTextA
DrawIconEx
IsZoomed
OemToCharA
LockWindowUpdate
DrawStateA
EnableScrollBar
SetScrollRange
WindowFromPoint
GetKeyboardLayoutNameW
CheckMenuRadioItem
SystemParametersInfoA
MonitorFromRect
GetScrollPos
SendDlgItemMessageW
keybd_event
GetWindowTextW
SendNotifyMessageW
CallWindowProcW
GetTopWindow
UpdateWindow
InsertMenuW
CharUpperBuffA
CharPrevA
GetIconInfo
IsIconic
LookupIconIdFromDirectory
DrawFocusRect
GetWindowRect
SetDlgItemTextA
DrawTextExW
CreateWindowExA
InSendMessageEx
OpenIcon
CheckMenuItem
PostMessageA
GetSubMenu
IsWindowVisible
GetClassInfoExA
SetWindowLongA
IsCharAlphaW
SetWindowPos
GetMessageExtraInfo
SetCursorPos
GetSystemMetrics
GetUserObjectInformationW
GetDialogBaseUnits
ReleaseDC
DrawStateW
CascadeWindows
GetSystemMenu
DestroyMenu
DefWindowProcW
GetMenuStringW
GetDlgItem
IsCharAlphaA
GetDlgItemTextW
CharNextExA
GetMonitorInfoW
PostThreadMessageA
DestroyIcon
ActivateKeyboardLayout
GetClientRect
SetUserObjectInformationW
SetMenuDefaultItem
GetClassInfoA
DispatchMessageW
GetSysColor
ShowWindow
GetKeyboardType
RegisterClassExW
GetMessagePos
MapWindowPoints
DestroyCursor
GetLastActivePopup
LoadStringA
CharPrevW
InvertRect
SendMessageW
EndPaint
MessageBoxExA
SendMessageA
DefDlgProcW
ReplyMessage
SetScrollInfo
TranslateAcceleratorW
OemToCharBuffA
SystemParametersInfoW
GetNextDlgTabItem
IsWindowUnicode
wvsprintfW
GetDCEx
GetClipCursor
GetWindowLongW
OpenDesktopW
GetMenuItemRect
wsprintfW
UnloadKeyboardLayout
DragObject
EnumThreadWindows
SetTimer
WaitForInputIdle
GetMenuState
GetMessageTime
ChangeMenuW
GetScrollRange
DrawIcon

comdlg32

ReplaceTextW
PrintDlgW
CommDlgExtendedError
PageSetupDlgW
GetSaveFileNameW
GetFileTitleW

msvcrt

floor
wcslen
fprintf
wcscspn
_controlfp
__set_app_type
strcpy
ftell
system
fflush
fwrite
vsprintf
__p__fmode
__p__commode
isprint
wcstombs
putchar
toupper
_amsg_exit
wcsrchr
perror
strerror
_initterm
wcscpy
wcsncmp
_ismbblead
putc
strtok
rand
isdigit
_XcptFilter
iswdigit
_exit
_cexit
getenv
__setusermatherr
towlower
wcstod
qsort
wcschr
puts
wcscmp
iswprint
srand
strncmp
__getmainargs
setlocale

shlwapi

UrlGetPartA

kernel32

FindResourceW
GetCommTimeouts
FreeLibrary
ClearCommBreak
ClearCommError
HeapSize
FindClose
VirtualProtect
GetFileSize
FormatMessageW
CompareStringW
GlobalFindAtomW
GetModuleFileNameA
SetCommState
WriteFile
GetCurrentThread
IsBadWritePtr
lstrcmpiA
FileTimeToDosDateTime
GetACP
SetEvent
lstrcpynW
GetStartupInfoW
CopyFileA
CreateRemoteThread
GetFileTime
LocalUnlock
GetVersionExA
LocalSize
RaiseException
GetCommandLineW
HeapUnlock
ResetEvent
EscapeCommFunction
lstrcmpA
GetCommModemStatus
GetModuleHandleA
DeviceIoControl
HeapWalk
GlobalReAlloc
CreateDirectoryW
GlobalMemoryStatusEx
lstrcpynA
GlobalMemoryStatus
GetSystemWindowsDirectoryA
SetCurrentDirectoryW
GetCommandLineA
LocalLock
CancelIo
RemoveDirectoryW
FindFirstFileA
SetUnhandledExceptionFilter
IsDBCSLeadByte
CancelWaitableTimer
GetFullPathNameW
HeapLock
Sleep

Exports

Exports

?RedirectOutputMsg@@YGKPBDDKPAX:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cexp
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.regs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.citab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$dbug
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lime
Size: 1024B - Virtual size: 519B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdat
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b28b8e4471666c9967783bf0d4024c0

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

msvcrt

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.cexp Size: 512B - Virtual size: 95B

.regs Size: 1KB - Virtual size: 1KB

.citab Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 256KB

.$dbug Size: 512B - Virtual size: 97B

.lime Size: 1024B - Virtual size: 519B

.tdat Size: 512B - Virtual size: 192B

.rsrc Size: 136KB - Virtual size: 135KB

.text
Size: 22KB - Virtual size: 21KB

.cexp
Size: 512B - Virtual size: 95B

.regs
Size: 1KB - Virtual size: 1KB

.citab
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 256KB

.$dbug
Size: 512B - Virtual size: 97B

.lime
Size: 1024B - Virtual size: 519B

.tdat
Size: 512B - Virtual size: 192B

.rsrc
Size: 136KB - Virtual size: 135KB