96caa7299136c4fd4c8412ffd3d02e09_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96caa7299136c4fd4c8412ffd3d02e09_JaffaCakes118
Size

221KB
MD5

96caa7299136c4fd4c8412ffd3d02e09
SHA1

9195b2429ff7d8c4a5e2b7f3da7b4157797a9926
SHA256

bc66fd40640da9a4666e09f241046c325533283ab5f31dab126dc52a5f128ad3
SHA512

3a1b5be46bed6ea608aefac6182d43a4b30143c649a332f3db7c6b8a1907d80f789a276792626bb34bdf2634756fab5d3f7c965d31e65685f376832077afd3d7
SSDEEP

3072:TPLIfSS6kL62CxjpNnXMQZTtCZ8joj7GsRisgvcXpM2hrxhVd1PQJO7sewsFugsY:bLcgNnXMg5GlgUXpVh99wsFu5SMq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96caa7299136c4fd4c8412ffd3d02e09_JaffaCakes118

Files

96caa7299136c4fd4c8412ffd3d02e09_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e304a6766c671cb66cf0a1085257229e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\XatFgMrJm\QqBfkbnKnhg\rtTwqXqxydmH\arZrHhhl\azrNauNxlnSeLn.pdb

Imports

user32

RegisterClassW
IsCharAlphaNumericA
LoadCursorW
SetScrollRange
SetParent
GetSystemMenu
TranslateAcceleratorA
PostMessageA
LoadStringA
GetScrollPos
OpenInputDesktop
SetScrollPos
RedrawWindow
SwitchToThisWindow
InvertRect
RegisterWindowMessageW
SendMessageW
CreatePopupMenu
RegisterClassExW
CharLowerW
GetMenuCheckMarkDimensions
SetWindowLongW
ShowCaret
BringWindowToTop
MessageBoxExA
CharPrevW
GetUpdateRect
GetDC
OemToCharBuffA
InSendMessageEx
GetWindowLongW
MapVirtualKeyExW
SendDlgItemMessageA
GetKeyboardLayoutNameW

comctl32

ImageList_Destroy
ImageList_Draw
CreatePropertySheetPageW
ImageList_Write
ImageList_LoadImageW

gdi32

IntersectClipRect
EndPage
SetDIBColorTable
CreateRectRgnIndirect
GetROP2
GetBkMode
RealizePalette
GetFontData
StartPage
FillRgn
CreatePalette
ScaleWindowExtEx
GetCharWidth32W
GetTextMetricsW

msvcrt

strpbrk
wcscpy
_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
putc
_initterm
_acmdln
exit
system
realloc
_ismbblead
_XcptFilter
strncpy
_exit
wcsncpy
iswdigit
_cexit
__setusermatherr
bsearch
__getmainargs
swprintf

comdlg32

PageSetupDlgW
CommDlgExtendedError

kernel32

WaitForMultipleObjects
GetComputerNameExW
CopyFileW
GetShortPathNameW
CreateFileMappingW
QueryDosDeviceW
GetModuleHandleA
GetTimeZoneInformation
DefineDosDeviceW
GlobalFindAtomW
CreateWaitableTimerW
CreateEventA
GetStdHandle
GetTimeFormatA
lstrlenA

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt
?ExecuteImageEUYIDH@@YGKEPA_WG@Z

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dat_0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdiag
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_1
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_2
Size: 1024B - Virtual size: 863B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ydiag
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e304a6766c671cb66cf0a1085257229e

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

msvcrt

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 178KB - Virtual size: 177KB

.idat Size: 512B - Virtual size: 400B

.data Size: 2KB - Virtual size: 2KB

.dat_0 Size: 2KB - Virtual size: 2KB

.xdiag Size: 512B - Virtual size: 28B

.dat_1 Size: 512B - Virtual size: 200B

.dat_2 Size: 1024B - Virtual size: 863B

.ydiag Size: 512B - Virtual size: 90B

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 178KB - Virtual size: 177KB

.idat
Size: 512B - Virtual size: 400B

.data
Size: 2KB - Virtual size: 2KB

.dat_0
Size: 2KB - Virtual size: 2KB

.xdiag
Size: 512B - Virtual size: 28B

.dat_1
Size: 512B - Virtual size: 200B

.dat_2
Size: 1024B - Virtual size: 863B

.ydiag
Size: 512B - Virtual size: 90B

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 1KB - Virtual size: 1KB