8a24a91bda4001806fb6366c95fe84e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a24a91bda4001806fb6366c95fe84e3_JaffaCakes118
Size

60KB
MD5

8a24a91bda4001806fb6366c95fe84e3
SHA1

205a2ee540b706b26d4d1fda173cabde94071962
SHA256

09e99720a3e07599564c577d24c4f6fc3c3ce11b5dda6cf2d81f3247a2341650
SHA512

5d56f5ff4485b9ce7f7d0adf46797fdd19e190646b19e5e558b4a4597db0b451cc0a87925e9cd714d47a02f9c96326ccde167e4b6d8251785a09adcc457fa602
SSDEEP

1536:Pka4S63hAkVb9W25QcGkV77u4eu2Spn8V:Pka4d3hBVJjP3u4f2AI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a24a91bda4001806fb6366c95fe84e3_JaffaCakes118

Files

8a24a91bda4001806fb6366c95fe84e3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

56a2b5f7477b144f1073c1ae38ed1ccc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\XyWuJsqvv\aXegxZuPkvU\atpAbqj.pdb

Imports

shlwapi

UrlGetLocationA
UrlIsOpaqueW

kernel32

LocalUnlock
GetComputerNameExA
MoveFileW
SetTimerQueueTimer
FindClose
lstrcmpiW
lstrcmpA
GetSystemDirectoryW
GetFileTime
GetComputerNameExW
lstrcatW
GetModuleFileNameA
GlobalFlags
FindFirstFileW
GetLocaleInfoA
SetHandleInformation
CreateDirectoryW
FindResourceW
QueryDosDeviceW
GlobalReAlloc
AddAtomA
CompareStringA
LocalLock
lstrcpyW
GetThreadContext
GetThreadPriority
CopyFileW
HeapSize
InitializeCriticalSection
GetThreadTimes
DefineDosDeviceW
GetFileSize
LoadLibraryExA
SetCurrentDirectoryW
GetTimeFormatA
GetUserDefaultLCID
CreateFileW

comdlg32

ChooseFontW
GetOpenFileNameA
CommDlgExtendedError
PrintDlgW
FindTextW

comctl32

ImageList_Remove
InitCommonControlsEx
ImageList_Destroy
CreatePropertySheetPageA
DestroyPropertySheetPage
CreateStatusWindowW
PropertySheetA

msvcrt

towlower
puts
wcstoul
clearerr
_controlfp
swscanf
remove
__set_app_type
getenv
__p__fmode
strcoll
vswprintf
strspn
__p__commode
wcscat
ftell
_amsg_exit
_initterm
printf
wcscmp
exit
getc
_ismbblead
rand
isprint
_XcptFilter
floor
fwrite
_exit
_cexit
wcsncmp
__setusermatherr
wcstok
system
iswxdigit
__getmainargs

user32

SetCaretPos
ClientToScreen
LoadImageW
DestroyMenu
GetPropW
DialogBoxParamA
LoadStringW
BringWindowToTop
LoadStringA
DrawAnimatedRects
LoadBitmapA
SetWindowTextW
RemovePropW
RegisterClassExW
GetWindow
SetMenu
EnableScrollBar
LoadIconW
InsertMenuItemW
MapDialogRect
PeekMessageA
IsWindowVisible
RegisterWindowMessageA
LockWindowUpdate
GetWindowTextLengthW
LoadCursorA
InsertMenuW
IntersectRect
ChildWindowFromPointEx
GetKeyboardLayoutList
GetDlgItem
FindWindowExA
GetMonitorInfoW
mouse_event
GetUpdateRgn
MessageBoxA
LoadAcceleratorsA
GetDialogBaseUnits
DefFrameProcA
UpdateWindow
CharUpperBuffA
PostThreadMessageW
GetWindowTextA
TrackPopupMenuEx
ModifyMenuW
CreateDialogParamA
DestroyIcon
ScrollWindow
GetClipCursor
IsWindowUnicode
EnumThreadWindows
GetWindowLongW
TranslateAcceleratorA
OpenInputDesktop
SystemParametersInfoA
IsCharAlphaA
DestroyCaret
OemToCharA
InsertMenuA
SetWindowPlacement
InvertRect
GetUpdateRect
wsprintfW
SetDlgItemTextA
ShowWindowAsync
SendNotifyMessageW
LoadCursorW
CreateCaret
AdjustWindowRect
UnionRect
RemoveMenu
GetKeyboardLayout
GrayStringW
IsDialogMessageA
SetDlgItemInt
InvalidateRect
GetForegroundWindow
GetDC
ChangeMenuW
ExitWindowsEx
DrawMenuBar
CharToOemBuffA
TileWindows

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56a2b5f7477b144f1073c1ae38ed1ccc

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

comdlg32

comctl32

msvcrt

user32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 89B

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 91B

.run Size: 1024B - Virtual size: 650B

.0dat Size: 24KB - Virtual size: 23KB

.data Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 512B

.ram Size: - Virtual size: 39KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 89B

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 91B

.run
Size: 1024B - Virtual size: 650B

.0dat
Size: 24KB - Virtual size: 23KB

.data
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 512B

.ram
Size: - Virtual size: 39KB

.rsrc
Size: 2KB - Virtual size: 1KB