8ef9264b43d07f72d79d53eef8454d7e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ef9264b43d07f72d79d53eef8454d7e_JaffaCakes118
Size

226KB
MD5

8ef9264b43d07f72d79d53eef8454d7e
SHA1

9268737cf80349986acf73cb1c32d72d1fd13bfb
SHA256

a4f4d2b2c330eeef5aaf623c2975f2ebfa2fa76ee0c2f00dfaf2c0c9a44dca23
SHA512

de79d8e2fb12d21086638a4f6b6f54341aa8d161ddeb1a6da57f0e57cb73cb5f69339902a1ec6771ee10b67ce2bbf8562c3542e3971fe75c326d515667cc0ac8
SSDEEP

6144:71wjpRhXUs5PuiaThk7OWPdHW1tGdG1evH6g:71Ip3D2Za5dH1Na

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ef9264b43d07f72d79d53eef8454d7e_JaffaCakes118

Files

8ef9264b43d07f72d79d53eef8454d7e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3a78108867355af932ac5062c3a2470a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\EQLfDhbvq\jnjfnvRB\zwrnzkbt.pdb

Imports

comctl32

ImageList_Remove
ImageList_Read
InitCommonControlsEx
ImageList_Destroy
DestroyPropertySheetPage
CreateStatusWindowW

user32

GetDlgItemTextW
SetActiveWindow
PostThreadMessageA
CharNextW
LockWindowUpdate
GetIconInfo
CreateIconFromResource
GetDesktopWindow
FindWindowExW
DispatchMessageA
GetMessagePos
RegisterHotKey
ChildWindowFromPoint
DestroyIcon
SetMenuItemBitmaps
EndDialog
DefFrameProcW
GetMenuStringW
SetForegroundWindow
SetCursorPos
DialogBoxParamA
OemToCharBuffA
SetTimer
EqualRect
ChildWindowFromPointEx
GetMenu
PtInRect
SetCaretPos
DefDlgProcA
LoadCursorA
DrawMenuBar
GetKeyState
TabbedTextOutW
InvalidateRgn
WaitForInputIdle
EnumChildWindows
CharPrevA
SendDlgItemMessageA
DestroyCursor
LoadImageA
GetLastActivePopup
wvsprintfW
GetDoubleClickTime
GetClassInfoW
GetSysColor
IntersectRect
CopyAcceleratorTableW
SetWindowLongA
PostThreadMessageW
SendNotifyMessageW
MapVirtualKeyExW
GetActiveWindow
CharToOemA
IsMenu
FindWindowW
GetTopWindow
SetWindowPlacement
GetWindowRect
FrameRect
GetWindowTextW
CreateCursor
AppendMenuW
GetWindowTextA
GetClipCursor
ShowCursor
DefWindowProcA
SetWindowLongW
SetSysColors
ScrollWindow
IsZoomed
PostMessageA
MapDialogRect
ReleaseDC
SetPropW
GetDCEx
SwitchToThisWindow
LoadBitmapW
CloseDesktop
DrawAnimatedRects
GetMenuCheckMarkDimensions
GetClassNameW
DrawTextA
SetScrollPos
DrawIconEx
DestroyMenu
TrackPopupMenu
GetMessageA
KillTimer
WaitMessage
GetForegroundWindow
DrawIcon
IsRectEmpty
SetWindowPos
LoadIconW
GetParent
IsWindowUnicode
ScrollWindowEx
ClientToScreen
ShowOwnedPopups
SetClassLongW
GetSysColorBrush
OpenIcon
IsDialogMessageW
InsertMenuItemW
GetWindowTextLengthW
GetUserObjectInformationW
RemovePropW
SetWindowTextW

kernel32

GetFileTime
MapViewOfFile
GlobalMemoryStatus
OpenFileMappingW
RemoveDirectoryA
HeapFree
GetFullPathNameW
SetThreadExecutionState
lstrcmpW
GetCommandLineA
LockResource
ReleaseMutex
SetPriorityClass
FlushViewOfFile
CreateDirectoryA
MoveFileW
lstrlenW
GetPriorityClass
CancelIo
GetTempFileNameA
ClearCommError
UnmapViewOfFile
GetAtomNameW
FindNextChangeNotification
GetNumberFormatW
SetSystemTime
HeapLock
GetFileSize
lstrcmpA
RegisterWaitForSingleObject
WideCharToMultiByte
AreFileApisANSI
TransactNamedPipe
LocalReAlloc
GetACP
GetLastError
GetUserDefaultUILanguage
IsBadWritePtr
CreateEventA
MultiByteToWideChar
GetExitCodeProcess
GlobalGetAtomNameA
SetFileTime
CreateMutexW
LoadLibraryA
GetCurrentProcess
MoveFileExA
CreatePipe
TerminateThread
GetSystemDefaultUILanguage
GetCommTimeouts
GetModuleFileNameW

gdi32

RoundRect
SelectClipRgn
CreateDIBSection
RestoreDC
GetClipBox
CreateICW
LPtoDP
CreateRoundRectRgn
TextOutA
ExtTextOutW
GetCharWidth32W
SetPixel
SetViewportExtEx
SetWindowOrgEx
SetPaletteEntries
CreateRectRgn
SetStretchBltMode
CreateBitmap
SaveDC
GetSystemPaletteUse
GetDIBits
GetTextMetricsW
CreateCompatibleBitmap
CreateHatchBrush
SelectPalette
EnumFontsW
DPtoLP
RemoveFontResourceW
GetTextColor
EndPage
GetBkMode
SetBrushOrgEx
CreateCompatibleDC
GetObjectA
CreateDIBitmap
DeleteDC
PtVisible
CreatePen
SetLayout
OffsetViewportOrgEx
EnumFontFamiliesExW
SetViewportOrgEx
CreateFontIndirectA
GetTextCharsetInfo

msvcrt

wcscmp
strerror
wcsrchr
_controlfp
iswdigit
__set_app_type
strpbrk
__p__fmode
ftell
wcstod
fprintf
__p__commode
srand
getenv
towlower
isprint
sprintf
_amsg_exit
qsort
_initterm
strspn
wcsncpy
_acmdln
putc
fputc
exit
_ismbblead
wcstol
fclose
towupper
_XcptFilter
strchr
atoi
wcspbrk
_exit
strncmp
realloc
floor
_cexit
isupper
strcoll
__setusermatherr
sscanf
__getmainargs
perror

Exports

Exports

?AddTimerExA@@YGPAKPAF&U
?AddFullNameA@@YGPAHPAKPAHMPAN&U
?SendSemaphoreOld@@YG_NPAJJ&U
?ShowNameExA@@YGNNPAK&U
?InstallClassW@@YGKG&U
?IsValidOptionNew@@YGXHK&U
?ValidateKeyNameExA@@YGPAFNPAE&U
?HideWindowNew@@YGPAXPAKHI&U
?InstallExpressionW@@YGPAHIFF&U
?AddHeaderOriginal@@YGPAJPAHMI&U
?OnListItemExA@@YGDPAJNG&U
?IsValidClassW@@YGPAXKMD&U
?CloseDeviceExW@@YGEEG&U
?FreeKeyboard@@YGGPAKPAKJ&U
?FreeMediaTypeExW@@YGDG_NPAJE&U
?SendMessage@@YGJMPANNJ&U
?CopyWidthExA@@YGGIDN&U
?FormatRectExW@@YGPAKJE&U
?DecrementWindowInfoW@@YGKI&U
?CrtWindowInfoExW@@YGMPANPANDM&U
?InstallProcessExA@@YGPAEPAI_NNPAH&U
?FindClassOriginal@@YGFFKPAHD&U
?ModifyKeyNameNew@@YGXJPA_NPAM&U
?OnMediaTypeA@@YGKKGPAD&U
?FormatPointA@@YGPAGPAG&U
?SetProcessEx@@YGDDMI&U
?SetScreenW@@YGPAXMPAJI&U
?KillPathEx@@YGNHEPAFPAJ&U
?CallMediaTypeEx@@YGPA_NM_N&U
?InstallFilePathOriginal@@YGKPAEJKPAM&U
?InstallVersionOriginal@@YGEPAE&U
?SendTimeExA@@YGPAMHG&U
?GetMemoryA@@YGXMH_N&U
?IncrementTimeA@@YGPAFD&U
?CopyPathExW@@YGI_N&U
?HidePenA@@YGMPAEPAFG&U
?RemoveHeightOriginal@@YGKI&U
?RtlHeaderEx@@YGHHKI&U

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.byte1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byte0
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a78108867355af932ac5062c3a2470a

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 100KB

.imp Size: 1KB - Virtual size: 1KB

.exp Size: 1KB - Virtual size: 1KB

.byte1 Size: 512B - Virtual size: 32B

.code Size: 512B - Virtual size: 32B

.byte0 Size: 512B - Virtual size: 44B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 41KB

.rsrc Size: 97KB - Virtual size: 97KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 101KB - Virtual size: 100KB

.imp
Size: 1KB - Virtual size: 1KB

.exp
Size: 1KB - Virtual size: 1KB

.byte1
Size: 512B - Virtual size: 32B

.code
Size: 512B - Virtual size: 32B

.byte0
Size: 512B - Virtual size: 44B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 41KB

.rsrc
Size: 97KB - Virtual size: 97KB

.reloc
Size: 2KB - Virtual size: 1KB