947d8fe4de9fdcd86bec4bc036948ab0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

947d8fe4de9fdcd86bec4bc036948ab0_JaffaCakes118
Size

45KB
MD5

947d8fe4de9fdcd86bec4bc036948ab0
SHA1

d8144a9c28aad758df444846c3afad870eed75cb
SHA256

0a116ded2b06e55ce6c178e9e715f6f69758dc17ba9f4b3843137373839338f0
SHA512

4d2a4552346d9595a05301c718befcfbb7859edbcf1c3fa2de9031a62f94be8aba71d23485dd9d395ccea1945489d9a9ba05fdc0900277437b3afb8d7f0d2f9d
SSDEEP

768:gc2NjFn1ujZXvmticJinmDOxCRfcwt5DqcjyrJ6qwrLYxdhLfAU/WSZ9yv/:gc21ZMvmtic2PTq5D1jy1wr8AzSZ9I/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
947d8fe4de9fdcd86bec4bc036948ab0_JaffaCakes118

Files

947d8fe4de9fdcd86bec4bc036948ab0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

70945932ccfca6ccd73908025b49de5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\FThNqgsx\pwsalrappvFwqw\sahlWAlzaLy.pdb

Imports

comdlg32

PrintDlgW
FindTextW
GetOpenFileNameA
GetSaveFileNameW
GetSaveFileNameA
GetFileTitleW

user32

GetMenu
DefWindowProcW
DrawIconEx
SetWindowLongW
RemoveMenu
SetDlgItemTextA
SetFocus
GetNextDlgGroupItem
InternalGetWindowText
ShowOwnedPopups
DrawStateW
DispatchMessageW
SetCursor
GetKeyNameTextW
DestroyCursor
GetDlgCtrlID
ReplyMessage
GetWindow
keybd_event
EndDialog
FindWindowExW
IsZoomed
GetMessageExtraInfo
GetCaretPos
SetMenu
RegisterClassExA
GetUpdateRgn
IsChild
SendMessageTimeoutW
CheckRadioButton
CreateIconFromResource
WaitMessage
GetMonitorInfoW
BeginPaint
SendNotifyMessageW
DrawTextA
SetRectEmpty
EnumChildWindows
GetShellWindow
DialogBoxParamW
CopyRect
IntersectRect
ShowCaret
GetScrollInfo
GetMenuItemInfoW
EqualRect
DialogBoxIndirectParamW
ShowWindow
GetDlgItem
DrawStateA
CloseDesktop
EnumThreadWindows
SendDlgItemMessageW
GetSystemMenu
CreateCaret
wvsprintfA
wvsprintfW
wsprintfA
LoadMenuA
GetWindowLongA
GetClassLongA
ExitWindowsEx
SetDlgItemTextW
WindowFromPoint
SetWindowTextW
CharUpperBuffA
RegisterClassExW
DestroyAcceleratorTable
InSendMessage
SendDlgItemMessageA
GetMenuStringW
GetWindowPlacement
CharToOemW
GetKeyboardType
DestroyWindow
SetWindowPos
HiliteMenuItem
DrawTextExW
GetKeyboardLayoutList
EndPaint
GetKeyboardLayout
FillRect
CallWindowProcA
LoadCursorA
CharUpperBuffW
SetPropW
SendMessageA
KillTimer
MonitorFromPoint
LockWindowUpdate
VkKeyScanW
SystemParametersInfoW
InSendMessageEx
SetClassLongW
DefDlgProcW
GetActiveWindow
DefFrameProcA
MoveWindow
OpenDesktopW
GetWindowTextW
LoadCursorW
ToUnicodeEx
CharUpperW
CreateMenu
CreateDialogIndirectParamW
IsDialogMessageA
SendInput
LoadImageW
ModifyMenuW
DeferWindowPos
GetDlgItemTextA
TileWindows
GetWindowLongW
IsCharAlphaNumericW
EnableMenuItem
GetDCEx
IsWindowEnabled
CharUpperA
ShowScrollBar
DestroyIcon

shlwapi

PathIsUNCA

kernel32

CompareStringW
HeapUnlock
PulseEvent
GetVersion
FindFirstFileW
OpenFileMappingW
GetDateFormatA
SetFileApisToOEM
GetStartupInfoA
Sleep
LCMapStringA
ReleaseSemaphore
FindFirstChangeNotificationW
GlobalAlloc
SetNamedPipeHandleState
GetCommModemStatus
AddAtomA
CancelWaitableTimer
CreateDirectoryW
GetStringTypeExW
HeapReAlloc
CreateSemaphoreW
GlobalGetAtomNameA
TerminateThread
SearchPathA
DefineDosDeviceW
MapViewOfFile
SetUnhandledExceptionFilter
VirtualQuery
VerSetConditionMask
SetLastError
AddAtomW
GetModuleFileNameW
FileTimeToLocalFileTime
GetWindowsDirectoryA
lstrcpyA
CreateDirectoryA
CreateFileW
GetStdHandle
MoveFileW
RaiseException
GetVersionExA
LeaveCriticalSection
UnlockFile
GlobalReAlloc
CompareStringA
SetLocalTime
FoldStringW
SetFileTime
FreeResource
GlobalCompact
LocalLock
SetThreadContext
ConnectNamedPipe
GetVersionExW

msvcrt

wcslen
_controlfp
strstr
iswspace
wcspbrk
malloc
__set_app_type
__p__fmode
fwrite
printf
strtol
iswxdigit
atoi
memset
setvbuf
__p__commode
wcsrchr
isspace
fread
realloc
clock
putc
gmtime
_amsg_exit
fflush
strspn
_initterm
_ismbblead
sscanf
wcstoul
clearerr
fgetc
_XcptFilter
_exit
wcschr
_cexit
strchr
fputc
free
iswprint
wcscat
__setusermatherr
isupper
fputs
strncmp
mktime
fclose
wcstod
remove
__getmainargs

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70945932ccfca6ccd73908025b49de5d

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

shlwapi

kernel32

msvcrt

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 512B - Virtual size: 4KB

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 6KB - Virtual size: 5KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 512B - Virtual size: 4KB

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 2KB - Virtual size: 1KB