89d4181616c3a45b1b2fa685e9e31701_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89d4181616c3a45b1b2fa685e9e31701_JaffaCakes118
Size

64KB
MD5

89d4181616c3a45b1b2fa685e9e31701
SHA1

5996bef6d07d01fafe669df0b5dd47490962094a
SHA256

4133051c104a07ae2f30a38383c63e68d56610ffd6bd952341f3b56229b79362
SHA512

4023fd9c397f3669b4e2ffb60e51ce205317a187b9de20d7accb63949311f33fb3f95cbdfe0e737945cffdc728583883cf8e4d5f3f0e101481acd051968e934a
SSDEEP

1536:CytHti5itc4UDnUxz6KJYsDT452YU2MMDvJdCtzJ:vzcZUxmKJYsqbbdds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89d4181616c3a45b1b2fa685e9e31701_JaffaCakes118

Files

89d4181616c3a45b1b2fa685e9e31701_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45e0db63beb5dc2269a996224fe47741

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\shgjOkaJhk\ctcnwxbnujz\jsyWbsmddVxkM\Wpoasdywuxf.pdb

Imports

comctl32

ImageList_ReplaceIcon
ImageList_GetImageCount
CreateStatusWindowW

kernel32

ClearCommError
GetCommProperties
GetCommTimeouts
LockResource
GetModuleHandleA
SetFileApisToOEM
GetDateFormatW
GetPriorityClass
GetSystemWindowsDirectoryA
FindResourceExA
GetShortPathNameA
GetCurrentDirectoryW
lstrcatW
GlobalLock
CreateFileMappingA
SetFilePointer
DuplicateHandle
GetSystemDirectoryA
GetNumberFormatA
SetThreadExecutionState
SuspendThread

shlwapi

StrNCatW

comdlg32

CommDlgExtendedError
GetSaveFileNameW
ChooseColorW
ReplaceTextW

gdi32

PtVisible
CreateBrushIndirect
CreatePalette
CreateDIBSection
GetTextExtentExPointW
CreateSolidBrush
Rectangle
GetWindowOrgEx
CreateHalftonePalette
StretchBlt
SetTextAlign
TextOutW
BitBlt
GetDIBits
SelectClipRgn
GetViewportOrgEx
CreateDIBitmap
Escape

msvcrt

_controlfp
floor
iswprint
wcsncpy
toupper
fseek
__set_app_type
time
free
__p__fmode
swprintf
__p__commode
_amsg_exit
_initterm
strtoul
_acmdln
exit
clock
_ismbblead
_XcptFilter
wcscspn
isupper
_exit
_cexit
__setusermatherr
__getmainargs
isdigit

user32

InvertRect
IsDialogMessageW
GetClassInfoW
MapVirtualKeyA
LoadStringA
SetForegroundWindow
ShowWindow
AppendMenuA
GetClassLongW
ShowScrollBar
GetClassInfoExW
wvsprintfA
GetWindowTextA
DrawTextW
CheckDlgButton
RegisterWindowMessageA
LoadImageW
WaitMessage
ClipCursor
LoadStringW
OpenInputDesktop
GetMenuState
MapDialogRect
DispatchMessageA
DestroyCursor
HideCaret
IsCharAlphaNumericA
DestroyAcceleratorTable
SystemParametersInfoA
SetCursor
CharUpperW
DrawFocusRect
GetDlgItemTextA
MessageBoxW
MoveWindow
AdjustWindowRect
GetSubMenu
DefDlgProcW
GetClassInfoA
SetWindowLongA
CopyImage
RegisterHotKey
LoadCursorW
OemToCharA

Exports

Exports

?GlobalListOld@@YGPAEPAMPAE*Z
?PutMessageOriginal@@YGPAXDM*Z
?GetClassEx@@YGPAJHF*Z
?ModifyWindowOld@@YG_NE_N*Z
?InstallState@@YGNG*Z
?GenerateConfigA@@YGJHFM*Z
?CloseDirectoryOriginal@@YGKE*Z
?DeleteHeader@@YGPAXN*Z
?FreePenOld@@YGPAXPAJPAE*Z
?CancelHeaderEx@@YGKEHPAHK*Z

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idir
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edir
Size: 512B - Virtual size: 441B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdir
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45e0db63beb5dc2269a996224fe47741

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

shlwapi

comdlg32

gdi32

msvcrt

user32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.itext Size: 512B - Virtual size: 500B

.idir Size: 3KB - Virtual size: 2KB

.edir Size: 512B - Virtual size: 441B

.vdir Size: 512B - Virtual size: 140B

.pdir Size: 512B - Virtual size: 140B

.data Size: 2KB - Virtual size: 24KB

.sdir Size: 13KB - Virtual size: 13KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.itext
Size: 512B - Virtual size: 500B

.idir
Size: 3KB - Virtual size: 2KB

.edir
Size: 512B - Virtual size: 441B

.vdir
Size: 512B - Virtual size: 140B

.pdir
Size: 512B - Virtual size: 140B

.data
Size: 2KB - Virtual size: 24KB

.sdir
Size: 13KB - Virtual size: 13KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB