8a9d2d636c3eb83778a71d2912eaab6e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8a9d2d636c3eb83778a71d2912eaab6e_JaffaCakes118
Size

141KB
MD5

8a9d2d636c3eb83778a71d2912eaab6e
SHA1

2df18d58f2ee33b15ee38eae2120110db9235377
SHA256

d4594268a88e3240b8a3798b395f95af67d53eae1f58828df6e105dd655864c5
SHA512

35176a61fafd73d9440769d26274cc42c94ce7d319a90f011ef9d073bbb16d815d98d36afb26ffd74cedf788bb1ba9083f318a13d1af424514f707b069e375f2
SSDEEP

1536:4qTPSrAkdxOz/UY1pDC3iFA/cZ2IKpIPHvaSq/yiU/GOao8sCnEMvDY7hfhUxdcm:XT6k+2X3DASA/9IZPaPsaEMryqWxF7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a9d2d636c3eb83778a71d2912eaab6e_JaffaCakes118

Files

8a9d2d636c3eb83778a71d2912eaab6e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f4df6d9929f74a1d4c70fc02881bcca3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\IfvhYqzesev\IdRleAKrrBzgj\SuxJmlhxd\fUeBzllPrkbe.pdb

Imports

user32

GetClassLongA
SetScrollRange
SetWindowPos
IsCharUpperA
CharPrevA
LoadStringA
FillRect
SetRect
DrawStateW
MonitorFromRect
DrawEdge
GetMenuCheckMarkDimensions
GetMenuItemID
FindWindowExW
TranslateMessage
DefFrameProcA
SendMessageW
ShowCaret
DragObject
CharNextA
PostMessageW
GetLastActivePopup
DrawStateA
SetWindowLongA
GetShellWindow
GetSystemMetrics
CharPrevW
ChangeMenuW
FindWindowW
IsIconic
IsDlgButtonChecked
IsCharAlphaA
CreateIconFromResource
GetWindowLongW
GetMenuItemCount
GetUpdateRect
LoadMenuA
VkKeyScanW
SendMessageTimeoutA
CharUpperBuffW
GetWindowTextA
CheckDlgButton
GetScrollRange
DeleteMenu
SetDlgItemTextW
SetWindowPlacement
LoadBitmapA
RegisterClassW
LoadCursorW
MapVirtualKeyW
ValidateRect
AppendMenuA
CloseDesktop
MessageBoxExA
GetClassInfoW
DrawFocusRect
GetMenuItemRect
LoadAcceleratorsA
GetWindow
CallWindowProcA
InflateRect
GetMenuStringA
GetForegroundWindow
IsZoomed
GetDCEx
SendMessageA
MapVirtualKeyExW
GetDlgCtrlID
CharNextExA
IsWindowEnabled
GetNextDlgTabItem
GetWindowTextLengthW
LookupIconIdFromDirectory
GetClassNameW
MapWindowPoints
ToUnicodeEx
SetDlgItemTextA
SendMessageTimeoutW
CreateCursor
DialogBoxIndirectParamA
EnumWindows
RegisterClassExA
MessageBoxA
GetSysColorBrush
GetWindowRect
SetSysColors
EnableMenuItem
FrameRect
CharToOemA
TileWindows
CheckMenuRadioItem
GetMenuItemInfoW
GetClassInfoExW
DestroyCursor
RemovePropW
SetWindowRgn
DrawFrameControl
GetFocus
FindWindowExA
wvsprintfA
GetScrollInfo
OemToCharA
DeferWindowPos
MessageBoxExW
GetKeyState
RegisterWindowMessageA
EndDialog
wsprintfW
SetLastErrorEx
GetScrollPos
WaitMessage
ClientToScreen
DrawAnimatedRects
SendNotifyMessageW
GetClipCursor
GetMenuState
GetCursorPos
IsWindowVisible
GetMessagePos

comctl32

ImageList_AddMasked
ImageList_Write
PropertySheetW
PropertySheetA
ImageList_GetImageCount
ImageList_Remove

msvcrt

wcstoul
floor
vswprintf
swscanf
strncpy
wcstod
_controlfp
strtok
fseek
malloc
strtol
__set_app_type
__p__fmode
__p__commode
_amsg_exit
rand
puts
realloc
wcscmp
free
putchar
atoi
srand
_initterm
_ismbblead
ftell
mktime
wcsncpy
wcstombs
_XcptFilter
fputc
getc
_exit
strtoul
gmtime
iswprint
_cexit
__setusermatherr
__getmainargs
iswspace
isprint
clearerr
wcschr
atol
qsort
gets
getenv

shlwapi

UrlGetPartA

kernel32

FindNextChangeNotification
GetCommState
IsDBCSLeadByte
MoveFileW
GetVersion
SetHandleCount
ClearCommError
CreateFileMappingW
GetUserDefaultLangID
GetHandleInformation
ReadFile
GetLastError
SetErrorMode
LoadLibraryExW
FreeResource
HeapFree
DeleteFileA
ClearCommBreak
GetCompressedFileSizeW
OpenFileMappingA
GlobalMemoryStatusEx
HeapUnlock
LocalReAlloc
CreateThread
GlobalGetAtomNameA
GetFileAttributesExW
GetSystemDirectoryW
GlobalReAlloc
LocalLock
FindClose
SetThreadLocale
OpenFileMappingW
SetSystemTime
GetSystemTimeAsFileTime
GetDateFormatA
lstrcpynW
QueryPerformanceCounter
GetFileTime
GlobalGetAtomNameW
CompareStringW
GetModuleFileNameA
IsValidLocale
RegisterWaitForSingleObject
WaitForMultipleObjectsEx
CreateDirectoryW
GetModuleHandleA
CopyFileW
IsBadReadPtr
GetOverlappedResult
GetLocalTime
GetVersionExA
GetSystemWindowsDirectoryA
ConnectNamedPipe
SearchPathW
DefineDosDeviceW
GetFileAttributesA

Exports

Exports

?RedirectOutputMsg@@YGKPBDDKPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cexp
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.regs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.citab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$dbug
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lime
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdat
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4df6d9929f74a1d4c70fc02881bcca3

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

msvcrt

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.cexp Size: 512B - Virtual size: 95B

.regs Size: 1KB - Virtual size: 1KB

.citab Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 124KB

.$dbug Size: 512B - Virtual size: 108B

.lime Size: 1024B - Virtual size: 680B

.tdat Size: 1024B - Virtual size: 704B

.rsrc Size: 105KB - Virtual size: 105KB

.text
Size: 22KB - Virtual size: 22KB

.cexp
Size: 512B - Virtual size: 95B

.regs
Size: 1KB - Virtual size: 1KB

.citab
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 124KB

.$dbug
Size: 512B - Virtual size: 108B

.lime
Size: 1024B - Virtual size: 680B

.tdat
Size: 1024B - Virtual size: 704B

.rsrc
Size: 105KB - Virtual size: 105KB