8d04d2588cf7fb5632a052522595bb25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d04d2588cf7fb5632a052522595bb25_JaffaCakes118
Size

436KB
MD5

8d04d2588cf7fb5632a052522595bb25
SHA1

4f843b7fb677c67bdbced70efaab3ed6f1e0bc93
SHA256

14f3b79cde67e045e3c04101d42b394d1e00180a0bf0667361c1bdea9248210c
SHA512

22b212801bbdd6e4bf416455d3f33eae45db5979935b6be35936c53f636dcccca9d174c910b417f5e14e08eb6aa5880a5ffe26471d027eda4790f67a84bfc7c2
SSDEEP

12288:znEO/Up+yW0Fk9ok330/zXw8G4seppe1:wO/Up4zp07ZzJre1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d04d2588cf7fb5632a052522595bb25_JaffaCakes118

Files

8d04d2588cf7fb5632a052522595bb25_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f780c0a0ecb8a0b1ac3ed410bd60bef0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\xoIqrfrAbzwj\fuctsrE\iQtEunl.pdb

Imports

shlwapi

UrlGetPartW

msvcrt

strncpy
free
swscanf
strpbrk
iswctype
putchar
_controlfp
swprintf
putc
strncmp
iswalpha
mbstowcs
__set_app_type
__p__fmode
__p__commode
isxdigit
_amsg_exit
iswprint
printf
strspn
_vsnwprintf
_initterm
_ismbblead
exit
strstr
towlower
fputs
fread
strchr
vswprintf
_XcptFilter
_exit
wcscoll
isdigit
vsprintf
_cexit
sprintf
wcstod
__setusermatherr
iswxdigit
mbtowc
getc
isprint
__getmainargs
fclose
strtol
islower
wcsrchr

user32

LoadIconW
TranslateMessage
CreateDialogParamA
HiliteMenuItem
SendDlgItemMessageA
EnableMenuItem
PostMessageW
GetClientRect
TrackPopupMenuEx
TileWindows
GetWindow
wsprintfW
CharUpperBuffA
SetWindowPos
ShowScrollBar
SetWindowRgn
ShowCaret
GetMessageExtraInfo
ShowWindow
ExitWindowsEx
keybd_event
MessageBoxExA
CreatePopupMenu
IsRectEmpty
SetWindowLongA
CreateDialogParamW
GetDC
FrameRect
GetAsyncKeyState
SendMessageTimeoutW
OpenInputDesktop
DefWindowProcW
TrackPopupMenu
AppendMenuA
ScreenToClient
CheckRadioButton
ValidateRect
DefDlgProcW
GetSysColor
BeginDeferWindowPos
SystemParametersInfoA
GetMenuItemRect
InvalidateRgn
SetScrollRange
AdjustWindowRectEx
DrawFrameControl
AllowSetForegroundWindow
LockWindowUpdate
DrawFocusRect
GetDlgItemTextW
CreateCursor
InvalidateRect
RegisterClassW
wvsprintfW
FindWindowExW
IsIconic
ActivateKeyboardLayout
GetCursorPos
GetIconInfo
GetUserObjectInformationA
LoadBitmapA
GetKeyboardLayoutList
DestroyIcon
SetClassLongW
IsCharUpperA
DrawStateA
GetPropW
GetClassInfoExA
GetMessageTime
SetCursor
SystemParametersInfoW
GetDialogBaseUnits
SetForegroundWindow
LoadBitmapW
PeekMessageA
CascadeWindows
IsCharAlphaA
GetClassInfoA
GetDlgItemTextA
GetMonitorInfoW
CharPrevA
InternalGetWindowText
ShowWindowAsync
GetWindowRect
EnumWindows
LoadAcceleratorsA
RemoveMenu
GetMenuItemCount
SetCursorPos
CharNextW
GetMenuItemID
PostThreadMessageW
CopyImage
UnloadKeyboardLayout
SendInput
GetParent
MessageBoxA
GetKeyboardType
InsertMenuW
DestroyCaret
IsDialogMessageW
CreateWindowExA
GetScrollPos
GetWindowLongW
DragObject
MonitorFromPoint
DrawAnimatedRects
MonitorFromRect
EqualRect
MapVirtualKeyA
DestroyCursor
GetTopWindow
DeferWindowPos
DrawTextA
LoadStringA
GetCaretPos
SetWindowTextW
LoadAcceleratorsW
ArrangeIconicWindows
LoadCursorA

comdlg32

PrintDlgW
ReplaceTextW
GetFileTitleW
CommDlgExtendedError
ChooseFontW
FindTextW

kernel32

lstrcmpiW
HeapAlloc
CreateEventW
SetEndOfFile
FoldStringW
GlobalAddAtomW
CompareStringW
GetTimeFormatA
GlobalGetAtomNameA
GetProcAddress
SetErrorMode
CreateFileW
CallNamedPipeW
GlobalDeleteAtom
SetThreadPriority
LCMapStringW
lstrcatW
GetModuleFileNameA
CreateNamedPipeW
SetHandleInformation
LCMapStringA
CloseHandle
GetFileAttributesW
GetCurrentThreadId
SetLastError
OpenFileMappingA
EnterCriticalSection
WaitForSingleObject
VirtualProtect
DeleteFileA
LeaveCriticalSection
SuspendThread
EnumResourceNamesW
SetHandleCount
IsValidLanguageGroup
GetModuleHandleA
FindFirstFileW
EnumSystemLocalesA
CreateMailslotW
PulseEvent
SetThreadAffinityMask
ResetEvent
GetStartupInfoW
ReleaseSemaphore
DeleteCriticalSection
GlobalMemoryStatus
GetTickCount
MoveFileExW
GetCommProperties
SleepEx
GlobalLock
MulDiv
FindResourceW

comctl32

CreateStatusWindowW
ImageList_Remove
CreateToolbarEx
ImageList_Draw
ImageList_Create
ImageList_LoadImageW

Exports

Exports

?CreatDlgItemList@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cexp
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.regs
Size: 1KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.citab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$dbug
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lime
Size: 512B - Virtual size: 383B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdat
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 401KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f780c0a0ecb8a0b1ac3ed410bd60bef0

Headers

File Characteristics

PDB Paths

Imports

shlwapi

msvcrt

user32

comdlg32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.cexp Size: 512B - Virtual size: 93B

.regs Size: 1KB - Virtual size: 535KB

.data Size: 2KB - Virtual size: 1KB

.citab Size: 6KB - Virtual size: 5KB

.$dbug Size: 512B - Virtual size: 88B

.lime Size: 512B - Virtual size: 383B

.tdat Size: 512B - Virtual size: 192B

.rsrc Size: 401KB - Virtual size: 401KB

.text
Size: 22KB - Virtual size: 22KB

.cexp
Size: 512B - Virtual size: 93B

.regs
Size: 1KB - Virtual size: 535KB

.data
Size: 2KB - Virtual size: 1KB

.citab
Size: 6KB - Virtual size: 5KB

.$dbug
Size: 512B - Virtual size: 88B

.lime
Size: 512B - Virtual size: 383B

.tdat
Size: 512B - Virtual size: 192B

.rsrc
Size: 401KB - Virtual size: 401KB