8a5c8c0b4dc878635b67713768f49c74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a5c8c0b4dc878635b67713768f49c74_JaffaCakes118
Size

50KB
MD5

8a5c8c0b4dc878635b67713768f49c74
SHA1

1f24745d9d6c5d88f46e52bc6df9985b00198c58
SHA256

4f66401936ef2f68a7b0825c7777b65b3aebe1342567bc276130525bc9851ef4
SHA512

543e2800e08f44d04606ebaf7941f22521df89b66d49fc25e0db5f9a27f50e948be56607ab9b5613e2b1328aef9d3b0dfead8673169f7125db4f69149e7e9064
SSDEEP

768:lwO/DiPrDKvUVmdtN2RBovhmTIdEhAsKGc/Btmv4GtHAfR3tDxIhd7E:fOzDK3Zhm8ShoHvCtgJ35ihJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a5c8c0b4dc878635b67713768f49c74_JaffaCakes118

Files

8a5c8c0b4dc878635b67713768f49c74_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8ce3b691b294581a2ef51fd135a363dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\gslPmtoifyxjW\sTPaVsMvNNuy\lcnhbimy.pdb

Imports

user32

GetKeyboardLayout
SetWindowLongW
SendInput
ReleaseDC
MapVirtualKeyW
TileWindows
CreateDialogParamA
GetCursorPos
RegisterWindowMessageA
IsWindowVisible
DefDlgProcA
DragObject
GetMenuItemInfoW
CheckMenuItem
CreatePopupMenu
IsWindow
IsCharLowerA
GetScrollRange
LoadIconA
SetDlgItemTextA
GetNextDlgTabItem
ChangeMenuW
LoadCursorA
PostThreadMessageW
IsRectEmpty
SetParent
LoadMenuW
SetUserObjectInformationW
SystemParametersInfoW
TranslateAcceleratorW
GetWindowTextW
LoadBitmapA
GetClipCursor
SetCaretPos
GetClassInfoA
GetKeyNameTextW
EnableWindow
wsprintfA
IsCharUpperA
RemovePropW
GetClientRect
wsprintfW
GetDlgCtrlID
DrawTextW
BeginDeferWindowPos
GetIconInfo
CloseDesktop
SetScrollRange
EqualRect
CharUpperA
GetTopWindow
CharUpperBuffA
LoadStringA
AdjustWindowRectEx
GetMenuState
SetWindowPlacement
DestroyIcon
DrawFocusRect
mouse_event
SetTimer
DialogBoxIndirectParamW
ValidateRect
InvalidateRect
IsCharAlphaA
LoadImageW
DispatchMessageW
GetDlgItem
AllowSetForegroundWindow
GetMenuStringA
TranslateAcceleratorA
GetSubMenu
ScrollWindow
MapVirtualKeyA
IsIconic
DrawTextExW
AttachThreadInput
InvalidateRgn
GetWindowTextLengthW
PeekMessageA
CreateDialogParamW
IsWindowEnabled
GetKeyState
OffsetRect
IntersectRect
MapDialogRect
GetMenuItemCount
ClientToScreen
GetKeyboardType
GetClassInfoExW
GetWindowLongW
DestroyCursor
GetUpdateRgn
HiliteMenuItem
IsMenu
GetSysColorBrush
DrawStateA
SetSysColors
CheckRadioButton
CreateIconIndirect
HideCaret
TrackPopupMenuEx
GetUserObjectInformationW
PostMessageW
LoadAcceleratorsA
ReplyMessage
CheckMenuRadioItem
WindowFromPoint
GetFocus
SendMessageTimeoutW
RegisterClassW
SendMessageTimeoutA
DrawAnimatedRects
CharNextW
SetScrollInfo
ChildWindowFromPointEx
EnumThreadWindows
RegisterClassA
ShowCaret
ShowWindowAsync
SetMenuDefaultItem
OemToCharA
FindWindowW
UnloadKeyboardLayout
MessageBoxA

msvcrt

isalnum
time
_controlfp
__set_app_type
__p__fmode
fwrite
srand
strcoll
strtok
__p__commode
iswxdigit
isalpha
fflush
wcscoll
rand
floor
wcscspn
_amsg_exit
isprint
towlower
fseek
realloc
islower
_initterm
_ismbblead
gets
_XcptFilter
_exit
remove
vsprintf
_cexit
putc
strpbrk
__setusermatherr
iswctype
wcstok
clearerr
wcscpy
strchr
iswprint
perror
printf
towupper
puts
_vsnwprintf
__getmainargs
wcstod
wcspbrk

kernel32

CreateDirectoryW
lstrlenW
GetStartupInfoW
CreateFileMappingA
MapViewOfFile
TlsGetValue
ExitThread
GetModuleFileNameA
lstrcatA
IsBadStringPtrW
GlobalDeleteAtom
FindClose
GlobalGetAtomNameA
UnlockFile
GetStdHandle
GetCommState
GetHandleInformation
CreateNamedPipeW
FindFirstFileW
ResetEvent
CreateEventA
SetEvent
CreateRemoteThread
SearchPathW
FindFirstFileA
GetTempFileNameW
ClearCommBreak
SetLastError
WaitCommEvent
GetModuleFileNameW
CreateThread
LoadLibraryA
FileTimeToDosDateTime
OpenFileMappingA
GetFileInformationByHandle
FileTimeToLocalFileTime
SetFileAttributesW
GetCommandLineA
CompareStringW
HeapSize
GlobalCompact
SetFileApisToOEM
DeleteFileW
SetThreadPriority
ReleaseMutex
GetFileSize
GetModuleHandleA
CreateMutexA
GlobalSize
DeleteFileA
GetSystemWindowsDirectoryA
TlsFree
SetThreadLocale
LocalLock
GetVersionExA
FreeResource
MulDiv
AreFileApisANSI
GetTickCount

shlwapi

UrlGetPartW

Exports

Exports

?CreatDlgItemList@@YGKPBDDPAX:O

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.exp
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edit
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ixport
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sims
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndat
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ce3b691b294581a2ef51fd135a363dd

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.exp Size: 512B - Virtual size: 121B

.edit Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.ixport Size: 6KB - Virtual size: 5KB

.sims Size: 512B - Virtual size: 271B

.ndat Size: 512B - Virtual size: 192B

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 23KB - Virtual size: 22KB

.exp
Size: 512B - Virtual size: 121B

.edit
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.ixport
Size: 6KB - Virtual size: 5KB

.sims
Size: 512B - Virtual size: 271B

.ndat
Size: 512B - Virtual size: 192B

.rsrc
Size: 15KB - Virtual size: 14KB