94dd065030105f045d4903bfb26c1945_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

94dd065030105f045d4903bfb26c1945_JaffaCakes118
Size

166KB
MD5

94dd065030105f045d4903bfb26c1945
SHA1

80a483a355c35edcb87d81e1851ca68783836d36
SHA256

060e1ae2e2b4e14351b9255593cdc5a892113514001a3482c51b7a0c2b8d5f42
SHA512

76088e69228dae4179b124aec3e45e266d9c9237ca205ac1aed622f012f70ebcc8095cbdd0e8028bcd88a41d08cb22de2944cf62ddebb90f3759920e5a8906cd
SSDEEP

3072:ooOwyGnVltuSWe7dJi+Dm5txjVUPm8C0RNmTi5ru9Z88WFdLmw:1fyGnduS9xJiHHYPqym25r+WFdLmw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94dd065030105f045d4903bfb26c1945_JaffaCakes118

Files

94dd065030105f045d4903bfb26c1945_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f3940f11e02340e82021269db38ecd58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\dwxiKDdN\pyQknrlalrwwma\xsoveLpgixwbzv\mIrfEhNfqkvfjk\WRveEbXmyENFCw.pdb

Imports

shlwapi

ord29
StrToIntExA

user32

RegisterWindowMessageW
DestroyCaret
IsWindowVisible
GetUpdateRect
GetScrollRange
EndPaint
SetRectEmpty
EnumWindows
CharUpperBuffA
CreateDialogParamW
RemoveMenu
GetMessageA
GetKeyboardType
UnionRect
SendMessageTimeoutW
GetKeyState
SetWindowPos
MapWindowPoints
DrawAnimatedRects
GetWindowLongA
LoadBitmapA
ShowCursor
keybd_event
SetWindowRgn
GetTopWindow
BeginDeferWindowPos
SetScrollRange
OpenIcon
GetMenuState
GetClientRect
SetCursor
DrawMenuBar
LoadImageA
IsCharAlphaNumericW
GetClassInfoExW
DialogBoxIndirectParamA
OemToCharA
DrawIconEx
RegisterClassA
IsWindowUnicode
MonitorFromPoint
SetMenuItemBitmaps
DestroyWindow
GetSysColor

kernel32

GetTempFileNameA
CreateDirectoryA
SetCurrentDirectoryW
GlobalGetAtomNameA
LoadLibraryA
FreeLibrary
AddAtomW
GetTickCount
GetModuleHandleA
ConnectNamedPipe
InitializeCriticalSection
LoadLibraryW
FindFirstChangeNotificationW
SetFileTime
GetComputerNameExW
GetThreadLocale
GetSystemDirectoryA
CancelWaitableTimer
LocalFree
GlobalUnlock
VerifyVersionInfoW
FindResourceExA
lstrcmpiA

msvcrt

mktime
putc
_controlfp
wcscat
iswspace
__set_app_type
strtol
iswalpha
__p__fmode
fgets
strchr
__p__commode
strstr
_amsg_exit
strspn
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
strncmp
swprintf
_exit
_cexit
__setusermatherr
__getmainargs
wcscspn

gdi32

CreateRoundRectRgn
CreateRectRgnIndirect
GetBkMode
CreateDIBSection
GetTextAlign
DPtoLP
GetPixel
RestoreDC
GetTextExtentPoint32A
LineDDA
Polyline
GetCharWidth32W
ExtTextOutA
StartDocW
SetROP2
CreatePenIndirect
StretchDIBits
GetTextMetricsW

Exports

Exports

?GetTimeEx@@YGIGDPA_NPAG~U
?DumpDigitalDataCBhJEB@@YGKGHE@Z
?CloseExpressionNew@@YGNE~U
?SetListExA@@YGHPAFM~U
?IncrementMemoryW@@YGNNJPAE~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tedat
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tidat
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.alloc
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3940f11e02340e82021269db38ecd58

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

kernel32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.init Size: 512B - Virtual size: 508B

.tedat Size: 512B - Virtual size: 454B

.tidat Size: 2KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 724B

.data Size: 2KB - Virtual size: 2KB

.alloc Size: - Virtual size: 128KB

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.init
Size: 512B - Virtual size: 508B

.tedat
Size: 512B - Virtual size: 454B

.tidat
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 724B

.data
Size: 2KB - Virtual size: 2KB

.alloc
Size: - Virtual size: 128KB

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 2KB - Virtual size: 1KB