95be129c8b3fd60628dd41611a5289ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

95be129c8b3fd60628dd41611a5289ce_JaffaCakes118
Size

41KB
MD5

95be129c8b3fd60628dd41611a5289ce
SHA1

ed88c4315638b24f96b7f5b0420ff95d8787bf07
SHA256

829e4a2ab386f973ba0fb64a801ff51d120687d61e4c83d3802f6669de8caa3d
SHA512

9eacf1baa81c5644cfd19a25378b4ad97aca5b6e9264a9cb20da952fa8b874c49d354264706a994f6ef65b3224e6a1a29e56e393d0c7221dd1c8f246a4407706
SSDEEP

768:i26Ni7GG+JrO+y4UR9dlRlJqBzdpAs3vT+3vPcAqiC/1A0qEx2CG54u/J:i/5rkvRruNdC2TIPcjNG5/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95be129c8b3fd60628dd41611a5289ce_JaffaCakes118

Files

95be129c8b3fd60628dd41611a5289ce_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d90b57fb80b9c413c961d4863aeb2209

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\hymRalIO\udGxmgbmrKePfL\kRmKujsbwlSou\gxzyjrItjjcO.pdb

Imports

kernel32

lstrlenA
SetFileAttributesW
CompareFileTime
IsDBCSLeadByteEx
GetFileAttributesW
SetCurrentDirectoryW
QueryDosDeviceW
GetSystemTimeAsFileTime
SleepEx
GetHandleInformation
SetTimerQueueTimer
CreateFileMappingW
SetNamedPipeHandleState
FileTimeToSystemTime
GetModuleFileNameA
UnmapViewOfFile
GetComputerNameExA
IsBadStringPtrW
SetHandleCount
CreateNamedPipeA
SetCommTimeouts
SetLocalTime
ClearCommError
GetAtomNameA
GetSystemDirectoryW
CreateMailslotW
CreateEventW
SetThreadContext
TlsFree
FindResourceExA
lstrcpyW
LocalReAlloc
UnlockFile
GetSystemWindowsDirectoryW
VirtualFree
CreateNamedPipeW
SetCurrentDirectoryA
GetLastError
GetModuleHandleA
GlobalUnlock
MoveFileA
GetThreadTimes
SetThreadPriority
GetStdHandle
LoadLibraryW
SetUnhandledExceptionFilter
VirtualQuery
GetModuleFileNameW
Sleep
ResetEvent
CompareStringA
WaitForMultipleObjectsEx
SizeofResource
GlobalFindAtomW
SetThreadLocale
FindFirstFileA
WaitCommEvent

msvcrt

_controlfp
setvbuf
iswdigit
wcstok
strtol
wcstoul
wcscoll
wcscmp
swprintf
strncpy
__set_app_type
vswprintf
putc
__p__fmode
printf
mktime
fwrite
malloc
__p__commode
_amsg_exit
free
wcscpy
_initterm
_ismbblead
gmtime
strchr
mbtowc
wcsstr
fclose
wcschr
ungetc
rand
towlower
_XcptFilter
wcstol
fputc
setlocale
_exit
srand
fflush
_cexit
getenv
__setusermatherr
__getmainargs
fgetc
fread
sscanf

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameA
PrintDlgExW
ChooseColorW
FindTextW

user32

RegisterHotKey
PeekMessageA
RegisterWindowMessageW
GetShellWindow
CharLowerW
ChildWindowFromPointEx
SetCaretPos
IsWindowEnabled
EqualRect
ClientToScreen
SendInput
LoadBitmapW
GetWindowTextLengthW
LoadImageW
GetNextDlgGroupItem
VkKeyScanA
ShowCaret
InvalidateRect
FillRect
BeginDeferWindowPos
LoadAcceleratorsW
AttachThreadInput
DefFrameProcA
LoadMenuW
GetUserObjectInformationA
GetClassLongA
FrameRect
DrawIconEx
TranslateMessage
DestroyMenu
RegisterWindowMessageA
DestroyCursor
CharUpperBuffA
GetForegroundWindow
FindWindowExW
GetWindowTextA
GetScrollPos
ShowScrollBar
SetPropW
GetSubMenu
LoadStringW
GetDC
CreateCaret
CharToOemBuffA
TabbedTextOutW
SetTimer
CreateCursor
TileWindows
ReplyMessage
DrawAnimatedRects
DefDlgProcW
EnableWindow
GetMenuItemRect
DrawStateW
FindWindowW
GetCursorPos
SetMenu
DrawStateA
SetDlgItemTextW
KillTimer
WaitMessage
SetLastErrorEx
GetSystemMenu
GetDoubleClickTime
SendDlgItemMessageW
IsCharAlphaA
GetClassInfoExA
IsWindowUnicode
SetActiveWindow
FindWindowExA
SetClassLongW
SetCursor
MapVirtualKeyA
RegisterClassExA
GetTopWindow
GetFocus
GetMessageW
wsprintfA
DefWindowProcW
DrawEdge
GrayStringW
CharUpperA
DrawFocusRect
CheckMenuRadioItem
ActivateKeyboardLayout
CheckRadioButton
IsCharAlphaNumericW
CascadeWindows
GetDlgItemTextA
OemToCharBuffA
CharUpperW
LoadCursorW
TrackPopupMenu
CreateWindowExA
ChildWindowFromPoint
GetUpdateRgn
SetWindowLongW
GetMenuStringA
DefDlgProcA
ShowWindowAsync
SetParent
GetClassLongW
SystemParametersInfoW
GetPropW
MessageBoxExW
SendMessageW
RegisterClassA
IsChild
LoadIconA
MonitorFromRect
DrawFrameControl
CreateDialogParamA
GetKeyNameTextW
SetRectEmpty
TrackPopupMenuEx
FindWindowA
IsDialogMessageW
CharLowerA
GetWindowDC
RemoveMenu
BringWindowToTop
DestroyIcon
GetWindowPlacement
GetSystemMetrics

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.e_tab
Size: 512B - Virtual size: 125B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.redit
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_tab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.site
Size: 1024B - Virtual size: 622B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d90b57fb80b9c413c961d4863aeb2209

Headers

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

comdlg32

user32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.e_tab Size: 512B - Virtual size: 125B

.redit Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.i_tab Size: 6KB - Virtual size: 5KB

.site Size: 1024B - Virtual size: 622B

.wdata Size: 512B - Virtual size: 192B

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 22KB - Virtual size: 22KB

.e_tab
Size: 512B - Virtual size: 125B

.redit
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.i_tab
Size: 6KB - Virtual size: 5KB

.site
Size: 1024B - Virtual size: 622B

.wdata
Size: 512B - Virtual size: 192B

.rsrc
Size: 6KB - Virtual size: 6KB