8cbb6a23a4866968bb333f862e23b49a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8cbb6a23a4866968bb333f862e23b49a_JaffaCakes118
Size

207KB
MD5

8cbb6a23a4866968bb333f862e23b49a
SHA1

b9110c3340e84c56e146085adf5d25ee2de7987a
SHA256

3675db37a5c08fdd062e3b5aae428ca2346375c05ca2ab252ef8403d2ce655e9
SHA512

4c02d90f8bc906ca15eb0391f997abbf6fbae4cad62593c6c87521f0e8b8d89f97a1ca5241983f03d9f9a8b1bb63d66cc05ee2c17343a1c773e37817b944d845
SSDEEP

3072:OvEg/W7QaQocA8Z1Wc3NN/yycFDD36QC5DcV3vmvQCLAuoRfEYDqgjN892WDCVqG:OvZIQaQo8Zna7G4hvmvQbuol6AN89lG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cbb6a23a4866968bb333f862e23b49a_JaffaCakes118

Files

8cbb6a23a4866968bb333f862e23b49a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

74ebc95e807c3537b188631b244a71c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\QlazhcedtfyH\zqfoeKwgvm\kxwpTcKEjaaot.pdb

Imports

user32

DialogBoxParamW
GetClassInfoExW
GetMessageExtraInfo
DrawTextW
SystemParametersInfoW
RegisterClassW
SendMessageTimeoutW
IsChild
LookupIconIdFromDirectory
GetClientRect
GetKeyboardLayoutList
LoadIconA
CallWindowProcW
EnableMenuItem
SetCaretPos
OffsetRect
ShowScrollBar
MapVirtualKeyW
OpenDesktopW
OemToCharBuffA
GetWindowLongA
CharToOemW
GetMessageA
ShowWindow
CreatePopupMenu
CopyAcceleratorTableW
TabbedTextOutW
PostQuitMessage
SendNotifyMessageW
BeginDeferWindowPos
AllowSetForegroundWindow
GetMonitorInfoW
SetRect
LoadStringA
PeekMessageA
SendInput
SetScrollPos
MessageBoxExA
InvalidateRect
GetWindowTextLengthW
GetMenuStringW
wvsprintfA
DrawEdge
SendMessageTimeoutA
ArrangeIconicWindows
InsertMenuA
MoveWindow
HideCaret
LoadMenuA
IsDialogMessageA
DrawTextExW
InflateRect
GetMenuItemRect
AttachThreadInput
IsWindowVisible
GetAltTabInfoA
IsWindow
DestroyWindow
DrawIcon
RegisterWindowMessageA
DialogBoxIndirectParamW
GetKeyNameTextW
IsCharAlphaNumericW
ClipCursor
IsDlgButtonChecked
KillTimer
IsIconic
CharPrevW
SetCursor
ScrollWindow
RegisterHotKey
GetClassLongA
TileWindows
IsMenu
CascadeWindows
ToUnicodeEx
PostMessageW
IsCharUpperA
CharNextExA
GetWindowPlacement
SetWindowTextW
SetSysColors
RedrawWindow
GetMenuItemCount
FindWindowA
GetScrollRange
GetClassLongW
SetMenuItemInfoW
CopyImage
LoadIconW
DragObject
CreateCaret
MessageBoxA
SetMenu
GetScrollInfo
LoadAcceleratorsW
DrawAnimatedRects
CharNextW
CharUpperA
ShowOwnedPopups
CharUpperBuffW
MapWindowPoints
TranslateAcceleratorW
ChildWindowFromPoint
IsWindowEnabled
InvertRect
SetWindowTextA
CreateWindowExA
CharToOemA
WindowFromPoint
SetDlgItemTextW
SetMenuItemBitmaps
FrameRect
SetWindowPlacement
FillRect
SetLastErrorEx
SendMessageW
EndPaint
CheckDlgButton
CloseDesktop
ShowCaret
EnableScrollBar

kernel32

FindNextFileA
SearchPathW
GetModuleFileNameA
lstrcpyA
IsBadReadPtr
CreateEventW
GetAtomNameA
GetFileTime
LoadLibraryA
ExitThread
CompareStringW
GetSystemDefaultLangID
ConvertDefaultLocale
lstrcmpiA
FileTimeToSystemTime
FlushViewOfFile
SetHandleCount
DeleteFileA
HeapFree
FormatMessageA
LeaveCriticalSection
GetVersionExW
WaitForSingleObject
EnterCriticalSection
RemoveDirectoryA
CopyFileW
CreateNamedPipeW
GlobalCompact
CreateSemaphoreW
SetCommTimeouts
GetOEMCP
IsDBCSLeadByte
OpenEventW
GetFileAttributesExW
FindResourceA
LocalSize
SetLocalTime
SizeofResource
SetFileApisToOEM
lstrcpynW
GetProcessHeap
SetCommState
GetCommProperties
HeapAlloc
GetLocaleInfoW
DeleteCriticalSection
MulDiv
TransactNamedPipe
GetBinaryTypeW
GetSystemTimeAdjustment
OpenFileMappingW
LoadLibraryExW
FindClose
ResetEvent
GlobalLock
GetWindowsDirectoryA
InitializeCriticalSection
GetThreadContext
GetDateFormatA

msvcrt

wcsrchr
fgetc
_controlfp
isspace
__set_app_type
wcscpy
__p__fmode
wcsncmp
memset
strrchr
getenv
__p__commode
puts
srand
swprintf
atol
_amsg_exit
fseek
swscanf
mktime
towupper
wcstombs
perror
strcoll
ungetc
strcpy
_initterm
strstr
setvbuf
printf
wcstoul
_ismbblead
remove
strtoul
wcslen
realloc
_XcptFilter
iswdigit
iswprint
time
_exit
iswxdigit
isdigit
wcsstr
_cexit
strchr
__setusermatherr
__getmainargs

shlwapi

StrToIntA

Exports

Exports

?InsertRawPointDyXBc@@YGKHGE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74ebc95e807c3537b188631b244a71c9

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 21KB - Virtual size: 213KB

.rsrc Size: 174KB - Virtual size: 174KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 21KB - Virtual size: 213KB

.rsrc
Size: 174KB - Virtual size: 174KB

.reloc
Size: 2KB - Virtual size: 1KB