9674c4fe3167c97db765424d59420bfa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9674c4fe3167c97db765424d59420bfa_JaffaCakes118
Size

213KB
MD5

9674c4fe3167c97db765424d59420bfa
SHA1

30f87e0c60b09938798cb92d0f17bda9118797f9
SHA256

db92dd1cecdcb4629ddb590312c22e91e82dc7a426e6c9c1aeb7a6760a96dc49
SHA512

ed7523c70eb6ab921b590c6545036e68a39cbf0b5e6b1d91e434c342624ecaefb85cd6d6266975c4dbe223c40d76b0286ec513ca10ed0edea3a951675204ff8b
SSDEEP

3072:ZzjxtgrKRtymH0ZHyRihD5rMRlj6m1mFHL2KuAPQybwueStV5bj0Y9yV7z2QuE5l:dVtnRAmUZHyT6rDuTIySZsBzyES525F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9674c4fe3167c97db765424d59420bfa_JaffaCakes118

Files

9674c4fe3167c97db765424d59420bfa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45c455ebeada8df2eb6b91887b568b1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\NoeDvkd\nucyawkdzkuA\JssFfuocvjbarU\SKhmzsFZKcoy.pdb

Imports

msvcrt

vsprintf
setlocale
fclose
printf
wcscspn
_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
iswdigit
strpbrk
_initterm
putc
wcscmp
_acmdln
iswprint
exit
wcsncpy
iswalpha
_ismbblead
strstr
_XcptFilter
wcschr
isupper
sscanf
fgetc
_exit
fwrite
_cexit
iswctype
mktime
strtok
sprintf
__setusermatherr
malloc
srand
rand
isxdigit
__getmainargs

comdlg32

PageSetupDlgW
ChooseColorW
PrintDlgW

user32

InvalidateRgn
MonitorFromRect
IsZoomed
PeekMessageW
GetScrollRange
DialogBoxParamW
InflateRect
IsDialogMessageW
GetClientRect
GetUpdateRect
RegisterWindowMessageA
DefDlgProcW
RemovePropW
SetWindowLongA
AdjustWindowRectEx
GetCaretPos
SendMessageA
SetCursorPos
DefFrameProcA
LoadAcceleratorsW
RegisterHotKey
EndTask
GetDlgItem
HideCaret
IsCharUpperA
GetKeyNameTextW
DestroyCaret
LoadIconW
ArrangeIconicWindows
GetForegroundWindow
GetParent
GetKeyboardLayoutList
ReleaseDC
GetDlgCtrlID
GetShellWindow
CopyImage
TranslateMessage
GetClassInfoW
TrackPopupMenu
SetClassLongW
ShowOwnedPopups
GetDlgItemTextW
DialogBoxParamA
FillRect
PostQuitMessage
GetWindowPlacement
EnumChildWindows
CharUpperBuffA
OffsetRect
CascadeWindows
GetDCEx
GetSubMenu
wvsprintfA
GetMessageA
LoadCursorW
GetClassInfoExW
SetCaretPos
SetActiveWindow
EnumThreadWindows
UnloadKeyboardLayout
SetCursor
CreateDialogIndirectParamW
IntersectRect
GetScrollPos
SetMenuItemInfoW
PtInRect
GetWindow
LoadStringW
GetMenuCheckMarkDimensions
SendMessageTimeoutA
ChangeMenuW
EqualRect
SetFocus
DragObject
OpenIcon
CloseDesktop
SetLastErrorEx
IsCharAlphaNumericW
CharNextExA
GetUserObjectInformationA
GetMenuItemCount
DrawAnimatedRects
CharToOemBuffA
OpenInputDesktop
ClipCursor
SetWindowPlacement
MapVirtualKeyA
IsWindowUnicode
TileWindows

gdi32

Polygon
Escape
SetTextColor
GetDIBColorTable
GetSystemPaletteUse
SetDIBitsToDevice
SetRectRgn
Ellipse
CreateDIBSection
GetTextExtentPointA
SetBkColor
StartDocW
GetBitmapBits
GetBkMode
CreateSolidBrush
GetSystemPaletteEntries
SetDIBits
CreateFontIndirectW
PtVisible
ScaleWindowExtEx
DeleteDC
Polyline
SetStretchBltMode
CreatePatternBrush
FillRgn
SetWindowOrgEx
GetClipBox
SetWindowExtEx
GetFontData
GetTextColor
BeginPath
DPtoLP
ExcludeClipRect
SetLayout
TextOutA
GetRgnBox
GetTextFaceW

kernel32

FormatMessageA
GetSystemDefaultUILanguage
LeaveCriticalSection
VirtualQuery
FindCloseChangeNotification
GetDateFormatA
HeapWalk
GetTickCount
GetStringTypeExW
GetPriorityClass
SetFileAttributesA
TlsFree
LocalLock
CreateFileA
SetThreadContext
RemoveDirectoryW
GetComputerNameExA
IsBadCodePtr
SetCommMask
GetTempFileNameW
lstrcmpiA
GetFileAttributesExW
CreateWaitableTimerA
FindResourceExA
BuildCommDCBAndTimeoutsW
SetThreadExecutionState
HeapReAlloc
FreeLibrary
Sleep
CreateDirectoryA
GetVersion
GetCommandLineW
CancelWaitableTimer
IsValidLocale
FreeResource
DeviceIoControl
UnhandledExceptionFilter
CreateRemoteThread
ClearCommBreak
CreateNamedPipeW
GetFileType

Exports

Exports

?SleepAhHJDud@@YGKEPA_WG@Z
?SleepUDSUDlkdlsds@@YGKEPA_WG@Z
?SleepUDudjkUD@@YGKEPA_WG@Z
?SleepYDyjDuUI@@YGKEPA_WG@Z

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45c455ebeada8df2eb6b91887b568b1b

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comdlg32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 1KB - Virtual size: 59KB

.rsrc Size: 110KB - Virtual size: 109KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 1KB - Virtual size: 59KB

.rsrc
Size: 110KB - Virtual size: 109KB

.reloc
Size: 2KB - Virtual size: 1KB