8aa881bd034b7f65e8b68b4497038e07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8aa881bd034b7f65e8b68b4497038e07_JaffaCakes118
Size

174KB
MD5

8aa881bd034b7f65e8b68b4497038e07
SHA1

07828f741d95aa162a36b2d742f27bd7d6a95a3b
SHA256

655c6342be76b89f05f4f683ebac3bcb7d3889da0e4f3108f1204e280756628c
SHA512

1a8ce563f0271a0246fca0f5ddf35c76752ed52b754bf1109b6fb973a04f866e51f604e2d29c6de305d3bc789adb21b0e82cba086c29dc0705676d7446019749
SSDEEP

3072:Ai8mmhrOYQbaqLN4hJ5TVgtmAetVZLwiNbri7tCUgGXyIfH7bJf3WfZiY8GsDA5l:VBmhCY/oq1gdeRwDMGXjPpf3WhE853V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8aa881bd034b7f65e8b68b4497038e07_JaffaCakes118

Files

8aa881bd034b7f65e8b68b4497038e07_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f9469d5e6ff736c2ae4fa740238d3f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\BgTxzorqieWvwM\wpsfJfpli\ezslqvqbd.pdb

Imports

comctl32

ImageList_GetIconSize
PropertySheetA
ImageList_Read
ImageList_AddMasked
ImageList_Write
ImageList_Draw

msvcrt

ftell
atol
_controlfp
mbstowcs
wcschr
isalnum
__set_app_type
ungetc
fread
__p__fmode
fputc
__p__commode
wcstombs
free
wcstod
setvbuf
gets
iswctype
strtol
sprintf
malloc
clearerr
_amsg_exit
swscanf
tolower
getenv
wcslen
_initterm
strncmp
srand
iswprint
sscanf
_ismbblead
qsort
printf
_XcptFilter
realloc
_exit
swprintf
memset
putchar
wcscpy
_cexit
floor
wcscmp
puts
__setusermatherr
__getmainargs
mbtowc

kernel32

GlobalGetAtomNameA
CreateFileMappingW
GetFileAttributesW
IsBadReadPtr
CompareStringW
FindFirstFileW
RegisterWaitForSingleObject
FreeResource
IsValidLanguageGroup
SetLastError
GetThreadTimes
GetVersion
SetCommMask
GetOverlappedResult
ClearCommBreak
GlobalReAlloc
lstrcpynW
UnhandledExceptionFilter
OpenSemaphoreW
GetVersionExA
SetFilePointer
GetLocaleInfoW
SetSystemTimeAdjustment
SearchPathA
HeapFree
IsValidLocale
FindClose
CopyFileA
GetModuleHandleA
CancelIo
QueryPerformanceCounter
LocalReAlloc
HeapSize
TryEnterCriticalSection
ConnectNamedPipe
SizeofResource
lstrcpyA
WaitForSingleObjectEx
GetShortPathNameA
WaitForMultipleObjectsEx
GetThreadPriority
GlobalGetAtomNameW
ConvertDefaultLocale
GetFileTime
SetEndOfFile
MoveFileW
IsDBCSLeadByte
HeapLock
GetFileAttributesA
ResetEvent
AddAtomW
SearchPathW
OpenFileMappingA
GetThreadContext
SetSystemTime

user32

GetMenuItemRect
GetMenuCheckMarkDimensions
GetDlgItemTextW
GetShellWindow
FillRect
CallWindowProcA
SetRect
TranslateMessage
PostMessageW
InflateRect
ClientToScreen
RegisterClassA
ValidateRect
SetWindowPlacement
IntersectRect
CharNextA
LoadStringW
ExitWindowsEx
GetNextDlgGroupItem
GetDlgCtrlID
EqualRect
VkKeyScanW
GetForegroundWindow
LoadAcceleratorsA
SetCursorPos
GetDC
CharToOemA
SendMessageW
GetMenuItemCount
MapWindowPoints
mouse_event
SetDlgItemInt
GetSystemMetrics
LoadBitmapA
ChangeMenuW
CharNextExA
CheckMenuRadioItem
ModifyMenuW
IsCharLowerA
AdjustWindowRect
SetForegroundWindow
MapVirtualKeyW
GetScrollRange
IsCharUpperA
wvsprintfA
EndDialog
RemovePropW
SetWindowPos
OpenInputDesktop
DrawEdge
GetSysColorBrush
GetWindowRect
ShowOwnedPopups
GetCursorPos
DialogBoxIndirectParamA
GetMenuItemID
GetClassLongW
GetMessagePos
DeferWindowPos
DrawStateW
CreateIconFromResource
CharUpperBuffW
RegisterClassExA
EnableScrollBar
DestroyCaret
LoadCursorA
DrawFocusRect
GetClassLongA
SetScrollRange
GetClipCursor
ToUnicodeEx
WaitMessage
SetWindowRgn
GetPropW
IsDlgButtonChecked
AppendMenuW
TileWindows
FindWindowExW
MessageBoxExW
GetLastActivePopup
UpdateWindow
SendDlgItemMessageA
ShowCaret
CreateWindowExA
FindWindowW
BringWindowToTop
GetClassInfoExW
MessageBoxW
GetDoubleClickTime
LoadMenuA
DefWindowProcW
LoadCursorW
GetMenuStringW
CloseDesktop
RegisterClassExW
GetClassInfoW
CheckDlgButton
MessageBoxA
SendMessageA
LoadStringA
LoadAcceleratorsW
SetDlgItemTextW
CreateCursor
DefFrameProcA
SetSysColors
GetWindow
GetUserObjectInformationW
IsWindowEnabled
EnableWindow
GetClassNameW
IsIconic
DrawFrameControl
SetClassLongW
CheckRadioButton
EnableMenuItem
DefDlgProcW
DrawAnimatedRects
wvsprintfW
GetScrollPos

shlwapi

PathIsUNCA

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f9469d5e6ff736c2ae4fa740238d3f7

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 512B - Virtual size: 255KB

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 40KB - Virtual size: 40KB

.rsrc Size: 99KB - Virtual size: 99KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 512B - Virtual size: 255KB

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 99KB - Virtual size: 99KB

.reloc
Size: 2KB - Virtual size: 1KB