940b698aa1751343e114c6ffec99b0a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

940b698aa1751343e114c6ffec99b0a8_JaffaCakes118
Size

224KB
MD5

940b698aa1751343e114c6ffec99b0a8
SHA1

075bcbfb5c3785c3df80579f10c4155b15cbc6ac
SHA256

cf591e23481739f227e153305c9fa80817bf2fc6afcfd7fbc3d17bc7b8ed7fac
SHA512

12477e74f3b4b020e7d147ebe6dbe3e21a1dc33b7545647047b3294b8dd17ebbafe7a007dfce10046a20079708def0f0a982334ee03e7a558da5ee939801f75a
SSDEEP

6144:ojJCmeJ14Hoc4wIJKHm60hK321m/hd2iRygY:oVCmeL4IlD6532U/X2pg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
940b698aa1751343e114c6ffec99b0a8_JaffaCakes118

Files

940b698aa1751343e114c6ffec99b0a8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c5f3c73845845dc310e11c9f56c1c23b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\zxgMtgo\zytbrtmtSZx\vwmBeHvbt\ooXwxdj.pdb

Imports

user32

DeleteMenu
IsMenu
OemToCharA
GetClassLongW
BringWindowToTop
GetMenuItemRect
CharUpperA
SetWindowTextW
ModifyMenuW
LoadMenuA
SetLastErrorEx
InternalGetWindowText
GetMessageTime
FindWindowExA
SetForegroundWindow
InSendMessage
SendMessageTimeoutA
RegisterWindowMessageW
ExitWindowsEx
WaitMessage
AdjustWindowRectEx
DragObject
DispatchMessageW
CallWindowProcA
CharNextA
IsCharLowerA
CreateCursor
GetMessageExtraInfo
RegisterHotKey
EndPaint
SetFocus
IsWindowUnicode
GetScrollRange
GetMenuItemInfoW
EnumChildWindows
OpenInputDesktop
OffsetRect
EndTask
ReleaseDC
InvertRect
MoveWindow
PostQuitMessage
GetForegroundWindow
MessageBoxExW
GetDoubleClickTime
GetScrollInfo
TranslateMessage
ShowCaret
MapVirtualKeyA
BeginPaint
GetSystemMenu
GetFocus
IsDialogMessageW
IsDialogMessageA
EnableScrollBar
WaitForInputIdle
ChildWindowFromPointEx
TrackPopupMenu
LockWindowUpdate
LoadCursorW
UnionRect
LoadIconW
GetWindow
DialogBoxParamA
CallWindowProcW
ChildWindowFromPoint
IsCharUpperA
CheckDlgButton
GetWindowRect
GetMenuState
ToUnicodeEx
DrawMenuBar
CharToOemA
EqualRect
ClientToScreen
SwitchToThisWindow
GetUserObjectInformationW
RegisterClassExA
RegisterClassExW
IsWindow
ValidateRect
HiliteMenuItem
SendInput
RegisterClassW
EnumThreadWindows
TranslateAcceleratorW
HideCaret
UnregisterClassA

kernel32

GetCurrentThread
SetLocalTime
GetSystemDefaultUILanguage
SetEvent
GetUserDefaultLCID
LocalReAlloc
CompareStringA
CreateFileA
GetDateFormatA
CreateFileMappingA
GetVersionExW
GetFileType
HeapWalk
WaitForSingleObjectEx
CreateThread
QueryPerformanceCounter
CloseHandle
AddAtomW
GetTempFileNameW
GetAtomNameW
BuildCommDCBAndTimeoutsA
lstrcatW
DeleteAtom
CreateRemoteThread
LoadLibraryA
SetSystemTimeAdjustment
lstrcpyA
SetFilePointer
FindFirstChangeNotificationW
WaitForSingleObject
FindNextFileW
TlsGetValue
GetCommModemStatus
lstrcatA
CreateFileMappingW
MulDiv
GlobalLock
GetCommProperties
VerSetConditionMask
SetNamedPipeHandleState
GetComputerNameA

comdlg32

ChooseFontW
GetFileTitleW
GetSaveFileNameA

msvcrt

_controlfp
isprint
toupper
atol
__set_app_type
wcsncpy
__p__fmode
towupper
iswalpha
strcpy
wcscat
perror
wcscpy
isalnum
__p__commode
swprintf
_amsg_exit
wcsncmp
malloc
_initterm
wcstombs
_acmdln
exit
strspn
_ismbblead
putchar
time
_XcptFilter
wcscspn
putc
wcspbrk
_exit
_cexit
setvbuf
clearerr
__setusermatherr
iswctype
fflush
__getmainargs

gdi32

FillRgn
CreateFontIndirectA
GetTextExtentPoint32W
CreateFontA
RectInRegion
SelectPalette
StartPage
EndPage
LPtoDP
CreatePenIndirect
StretchBlt
GetObjectW
GetTextColor
GetObjectA
TextOutA
SetViewportOrgEx
CreateDiscardableBitmap
MoveToEx
CreateICW
TranslateCharsetInfo
PathToRegion
CreatePalette
SetBkColor
LineTo
Escape
SetTextColor
BeginPath
WidenPath
GetDIBits
GetSystemPaletteUse
ExtTextOutA
SetBitmapBits
EnumFontFamiliesW
DPtoLP
SetBkMode
SelectClipRgn
FlattenPath
SelectObject

Exports

Exports

?ResetEventHDJhjhFff@@YGKEPA_WG@Z
?ResetEventHDhjdDYUuYdf@@YGKEPA_WG@Z

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg_
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5f3c73845845dc310e11c9f56c1c23b

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comdlg32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 179KB

.data Size: 28KB - Virtual size: 28KB

.dbg_ Size: 12KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 180KB - Virtual size: 179KB

.data
Size: 28KB - Virtual size: 28KB

.dbg_
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB