8b96fcad1a7d0587934f686490199977_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8b96fcad1a7d0587934f686490199977_JaffaCakes118
Size

288KB
MD5

8b96fcad1a7d0587934f686490199977
SHA1

d20640dc1419a864636b0297136ddf1e1e92cbcb
SHA256

123c607757e6bddb0b7d19e45a4280b081ab318548a6b1785b2653f80fce89df
SHA512

f9be9811d25d757cf181041191f7cecef53d993f306d8cd2cf97863b15953859f6336417c249470a7144c985ea9aaa6a162faec4f88f2b7304280cc7b3b3527e
SSDEEP

6144:NO0aI/cnqgpm5EIINWxHbO0yWa+jdnv/XgpNT3t:NOC/cnqg/IAWxyhWaENnm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b96fcad1a7d0587934f686490199977_JaffaCakes118

Files

8b96fcad1a7d0587934f686490199977_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cd6c2c9c1eed97f4706c47d8836f079a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\wporikepMytXnn\TBrfKKiuRPWZ\qluzRgdBcuI.pdb

Imports

comdlg32

PrintDlgW
ReplaceTextW
ChooseColorW
PrintDlgExW
GetSaveFileNameW
GetOpenFileNameA

kernel32

CopyFileW
GetThreadLocale
WaitForMultipleObjectsEx
DisconnectNamedPipe
GetCurrentThread
IsDBCSLeadByte
ClearCommError
GetSystemDirectoryW
GlobalMemoryStatus
GetFileType
FindNextFileW
OpenEventA
CreateEventA
PulseEvent
TerminateThread
SetPriorityClass
GetSystemWindowsDirectoryW
GetSystemDefaultLangID
CopyFileA
GetCommConfig
SetWaitableTimer
RemoveDirectoryA
WideCharToMultiByte
SetFileTime
MoveFileA
GetTimeFormatA
LocalLock
GetThreadContext
ReadFile
ResumeThread
SearchPathW
GetOverlappedResult
SetFileAttributesW
GetSystemTime
GetOEMCP
CompareFileTime
lstrcmpA
LoadLibraryA
RegisterWaitForSingleObject
SetUnhandledExceptionFilter
DeleteCriticalSection
lstrcpynW
SetErrorMode
GetFileAttributesExA
GetFileAttributesA
RaiseException
GetProcAddress
FormatMessageW
GlobalUnlock
GetFileAttributesExW
HeapReAlloc

user32

ScrollWindow
ClientToScreen
DeferWindowPos
GetDC
IsDialogMessageA
IsWindow
BeginPaint
DrawTextW
LoadImageW
ScreenToClient
SetDlgItemTextW
GetDlgItemTextW
DestroyWindow
GetIconInfo
IsWindowUnicode
SetMenuDefaultItem
GetNextDlgGroupItem
InvalidateRgn
CharUpperBuffA
CharNextExA
InSendMessage
LoadStringW
PtInRect
SetMenu
MapVirtualKeyExW
MonitorFromPoint
GetKeyState
GetWindowTextA
SendMessageW
IsCharAlphaNumericW
ChildWindowFromPoint
wsprintfA
LoadBitmapW
IntersectRect
GetDlgCtrlID
ShowOwnedPopups
ChangeMenuW
TileWindows
DialogBoxIndirectParamW
InflateRect
CharPrevA
ReleaseDC
MoveWindow
MessageBoxW
EnumThreadWindows
RemovePropW
GetSystemMetrics
GetMessagePos
MessageBoxA
AdjustWindowRectEx
GetLastActivePopup
CharUpperA
SetWindowPos
HideCaret
MessageBoxExA
CallWindowProcW
DefFrameProcW
CreatePopupMenu
GetMenuItemInfoW
ModifyMenuW
DrawFocusRect
CheckMenuItem
GetFocus
SetScrollRange
RemoveMenu
wvsprintfW
GetDlgItemTextA
GetWindow
CharToOemW
MonitorFromRect
AttachThreadInput
IsMenu
RedrawWindow
DestroyAcceleratorTable
CreateCaret
LoadAcceleratorsA
GetMessageTime
LoadBitmapA
CreateWindowExA
AllowSetForegroundWindow
InSendMessageEx
ShowCaret
SwapMouseButton
LoadCursorA
GetMenuStringW
LoadMenuW
TrackPopupMenuEx
AppendMenuW
GetShellWindow
IsWindowVisible
UpdateWindow
DefWindowProcW
ToUnicodeEx
GetMenuCheckMarkDimensions
GetSysColorBrush
SetDlgItemInt
CreateDialogIndirectParamW
GetWindowTextLengthW
ShowCursor
LoadMenuA
GetDoubleClickTime
MapDialogRect
SendMessageTimeoutA
CharNextA
GetSubMenu
DispatchMessageA
CascadeWindows
CreateMenu
SetActiveWindow
ShowWindowAsync
CharLowerW

msvcrt

gets
_controlfp
strtol
iswalpha
fgets
isupper
__set_app_type
clearerr
iswdigit
sprintf
isalpha
wcstombs
iswctype
__p__fmode
system
strncmp
fputc
bsearch
__p__commode
_amsg_exit
strcspn
_initterm
_acmdln
exit
strcoll
atoi
wcstoul
isprint
wcscmp
_ismbblead
strtoul
_XcptFilter
setlocale
_exit
fwrite
isalnum
wcstok
qsort
_cexit
wcscoll
ftell
__setusermatherr
strrchr
__getmainargs
mbtowc

gdi32

StartDocW
SetLayout
ScaleViewportExtEx
GetTextExtentPoint32A
GetStockObject
GetNearestColor
ExtTextOutA
SaveDC
SetDIBits
SetWindowOrgEx
CreateFontW
GetTextExtentPoint32W
CreateSolidBrush
SetDIBColorTable
GetTextColor
ResizePalette
RoundRect
GetPixel
BeginPath
GetNearestPaletteIndex
GetSystemPaletteEntries
RectVisible
GetBkMode
GetWindowOrgEx
PathToRegion
CreateHatchBrush
GetTextCharsetInfo
Polygon
SelectObject
RemoveFontResourceW
GetPaletteEntries
LineTo
EnumFontFamiliesW
SetStretchBltMode
SetMapMode
CreateBitmapIndirect
EndDoc
CombineRgn
PtInRegion
GetViewportOrgEx
CreateCompatibleDC
SetRectRgn
CreateBitmap
SetBitmapBits
GetSystemPaletteUse
StretchDIBits
GetObjectA

Exports

Exports

?FindClassA@@YGXK@Z
?FormatComponentW@@YGXPAII@Z
?InsertSectionExA@@YGKHPANPAGI@Z
?GenerateClassEx@@YGNPAEKPAK@Z
?GlobalDirectoryOld@@YGPA_NPADIPAI@Z
?LoadFullNameEx@@YGPAKPAGEJ@Z
?CloseConfigNew@@YGFGGH@Z
?ValidateExpressionOriginal@@YGKGPAI@Z
?ValidateArgumentW@@YGPANJG@Z
?CallAppNameExW@@YGIPAGPAFE@Z
?CloseChar@@YGFPAINND@Z
?IncrementValueExW@@YGIEIN@Z
?IsValidKeyboardEx@@YGKJF@Z
?EnumSystemEx@@YGMFPAMKK@Z
?IncrementProcessW@@YGKIK_N@Z
?KillSystemEx@@YGHPAKHJ@Z
?GetClassW@@YGGEPADPAD@Z
?CloseWidthExA@@YGXPANPAKPAM@Z
?InstallTaskExA@@YGXIPAEH@Z
?IsValidDate@@YGPAGJKPAJ@Z
?RtlKeyboardOriginal@@YGXPAI@Z
?IsScreenExW@@YGKIJN@Z
?CloseDirectoryNew@@YGXIH@Z
?KillComponentOld@@YGFEG@Z
?DeleteFunctionOriginal@@YGHPADJM@Z
?PutMemory@@YGIG@Z
?DeleteFullName@@YGKJ@Z
?InstallTextExW@@YGPAXFM@Z
?IsValidHeaderOriginal@@YGPAHFHH@Z
?GenerateTimerW@@YGIPA_NNJ@Z
?SendAppNameEx@@YGHNJF@Z
?RemoveKeyNameExA@@YGPADMHPAK@Z
?GenerateHeight@@YGXPAHMG@Z
?AddScreenExA@@YGFI@Z
?OnMemoryEx@@YGEM@Z

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dt_i
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dt_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd6c2c9c1eed97f4706c47d8836f079a

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

user32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 64KB

.dt_i Size: 6KB - Virtual size: 6KB

.dt_e Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 73KB - Virtual size: 72KB

.rsrc Size: 126KB - Virtual size: 125KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 65KB - Virtual size: 64KB

.dt_i
Size: 6KB - Virtual size: 6KB

.dt_e
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 73KB - Virtual size: 72KB

.rsrc
Size: 126KB - Virtual size: 125KB

.reloc
Size: 2KB - Virtual size: 1KB