8d9cf72a34aab7c1c92602a908c0e5db_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8d9cf72a34aab7c1c92602a908c0e5db_JaffaCakes118
Size

213KB
MD5

8d9cf72a34aab7c1c92602a908c0e5db
SHA1

b19ecfaa41a1ac6d2d1a4f9199083c53a445a4a5
SHA256

68834d931d5f8fd906196a88fd44f8c3bb24dc86babf69648b4b0a81e28188f6
SHA512

ea2eb53e25fa64849c42ba946b2b9fda9cb8398a8ade841eb31440a1c30c3a57bf61d90ca94ecf9c6eacc5e6aa1604b75fa8c95dec56838906b1cc4017a3861e
SSDEEP

6144:zUuhB0dbhK3cVVbniHhOuV9oRWUfICUq9doj:ThByhTbIOujXIfoj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d9cf72a34aab7c1c92602a908c0e5db_JaffaCakes118

Files

8d9cf72a34aab7c1c92602a908c0e5db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

329e88cdf734002cbe7b16389ac5f223

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\zxwvPIiOftMF\eiylnnEpYc\KxlhtUHaot\eEuuFqkA\Lkmdymdh.pdb

Imports

user32

LoadAcceleratorsW
ToUnicodeEx
GetScrollInfo
LoadImageW
GetWindowDC
ShowWindowAsync
IsZoomed
CharUpperW
ScrollWindow
IsDialogMessageA
GetShellWindow
SetDlgItemTextA
LoadIconA
GetSubMenu
TranslateAcceleratorA
GetClassInfoExW
MessageBoxExW
DestroyCaret
FillRect
DefFrameProcW
OemToCharA
RegisterClassA
WaitForInputIdle
ArrangeIconicWindows
FindWindowExA
ChangeMenuW
GetDlgCtrlID
GetClassInfoW
SetScrollRange
SetWindowTextW
ModifyMenuW
SetParent
InvalidateRgn
GetCaretPos
MapVirtualKeyW
wvsprintfA
SendDlgItemMessageW
GetMenuStringA
SendInput
IsCharLowerA
AdjustWindowRectEx
SetDlgItemInt
OpenDesktopW
IntersectRect
SetCursor
MessageBoxA
SwitchToThisWindow
DefWindowProcW
LockWindowUpdate
InSendMessage
InflateRect
CharUpperBuffA
CharPrevA
SystemParametersInfoA
FindWindowA
EnumThreadWindows
SetPropW
wsprintfW
EndDialog
EqualRect
DestroyAcceleratorTable
EnumChildWindows
MonitorFromRect
EnableWindow
GetMenuCheckMarkDimensions
GetForegroundWindow
MessageBoxExA
ShowCaret
SetWindowPlacement
SetScrollPos
InSendMessageEx
LoadMenuW
CharToOemBuffA
GrayStringW
FrameRect
MapVirtualKeyA
CharToOemA
BeginDeferWindowPos
TrackPopupMenu
GetParent
CreateDialogParamA
MapVirtualKeyExW
GetKeyNameTextW
LoadImageA
InvalidateRect
DeferWindowPos
SetLastErrorEx
DrawMenuBar
ActivateKeyboardLayout

msvcrt

getenv
wcscmp
vsprintf
bsearch
_controlfp
isupper
fclose
localtime
__set_app_type
free
strtol
wcsncmp
printf
__p__fmode
qsort
__p__commode
ungetc
gets
_amsg_exit
_initterm
iswxdigit
towlower
_acmdln
strstr
exit
mbstowcs
_ismbblead
iswalpha
_XcptFilter
_exit
strncpy
swprintf
fprintf
ftell
isspace
fputs
strchr
_cexit
__setusermatherr
__getmainargs

gdi32

LineTo
CreateRectRgn
Rectangle
SetWindowExtEx
RoundRect
DeleteObject
AddFontResourceW
WidenPath
CreatePalette
FillRgn
LPtoDP
EndDoc
GetTextExtentPointA
CreateDiscardableBitmap
OffsetRgn
GetSystemPaletteUse
TextOutW
GetBitmapBits
SetROP2
SelectClipRgn
GetTextExtentPointW
TextOutA
StartPage
SetLayout
GetTextCharsetInfo
GetBkMode
ScaleViewportExtEx
GetObjectA
RealizePalette
SetDIBColorTable
EndPath
TranslateCharsetInfo
LineDDA
SetBkMode
CreatePolygonRgn
Polyline
PatBlt

kernel32

CreateRemoteThread
FileTimeToDosDateTime
GetCPInfo
LocalAlloc
SetSystemTime
RaiseException
FindFirstFileW
CreateDirectoryW
GlobalGetAtomNameW
EscapeCommFunction
CreateWaitableTimerW
LoadLibraryW
BuildCommDCBAndTimeoutsW
CreateFileMappingW
SearchPathA
DisconnectNamedPipe
GlobalReAlloc
FindResourceExW
GetOverlappedResult
LoadLibraryA
MoveFileW
SizeofResource
HeapFree
GetCommState
GetAtomNameA
UnlockFile
SetCurrentDirectoryA
FindFirstChangeNotificationW
SetSystemTimeAdjustment
SetFileAttributesW
GetTempPathA
GetTickCount
CreateNamedPipeA
EnumSystemLocalesA
GlobalMemoryStatusEx
ResetEvent
SetCommBreak
DeleteFileW
GetTimeZoneInformation
GetCommModemStatus
GetLocalTime
CopyFileA

Exports

Exports

?WaitForMultipleObjectsIUIUDSiuld@@YGKEPA_WG@Z
?WaitForMultipleObjectsJUDiuDLIJU@@YGKEPA_WG@Z
?WaitForMultipleObjectsUYDyudkjh@@YGKEPA_WG@Z
?WaitForSingleObjectYDEyuhgDU6d@@YGKEPA_WG@Z

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

329e88cdf734002cbe7b16389ac5f223

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

gdi32

kernel32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 52KB

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 88KB - Virtual size: 87KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 52KB

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 2KB - Virtual size: 1KB