96cc28faabbd806340c4db2dbdaa7af2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

96cc28faabbd806340c4db2dbdaa7af2_JaffaCakes118
Size

220KB
MD5

96cc28faabbd806340c4db2dbdaa7af2
SHA1

ec72bec30f6576ff1b427cbd90899d41088c60ac
SHA256

b0cfac35c13a764854140aa54a51003ee0725345e8d1309b59993ae65974254f
SHA512

dde193ffd9f2e5212122316206a6702c01be54231fdc5cb8346a81615140d6923347476bb708143fbc9ea03d5081f6e7910b7c43a7d83457a15c1f2aca2e5ea2
SSDEEP

3072:1b1EfHp6XHDmNH2ggTPK9JfSRWLRyQI7Vy0So3PsKgUjNe3ks7uuZZ3FGP9dDTLO:1b16J6XHEH9gMItyMgUy7R3FO5s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96cc28faabbd806340c4db2dbdaa7af2_JaffaCakes118

Files

96cc28faabbd806340c4db2dbdaa7af2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8987adb45e5f97b0dd6cfe0fa7b6e2b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\OISCjxxcboe\DByNtkVkltpav\utqQIljRwV\boVGKckYowc.pdb

Imports

msvcrt

_controlfp
wcsstr
isspace
getc
__set_app_type
wcscspn
putchar
printf
strerror
clock
putc
fclose
__p__fmode
__p__commode
sscanf
_amsg_exit
isxdigit
mbtowc
iswxdigit
_initterm
exit
wcstok
ungetc
strcoll
system
getenv
gets
isalpha
localtime
iswprint
strncmp
isupper
_ismbblead
_XcptFilter
_exit
fgetc
_cexit
__setusermatherr
strchr
swscanf
__getmainargs
wcsncpy
wcscpy
isalnum

comdlg32

GetOpenFileNameW
PrintDlgExW
GetSaveFileNameW
ChooseColorW
FindTextW
GetFileTitleW

comctl32

CreatePropertySheetPageA
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_LoadImageW
ImageList_Draw
CreateToolbarEx

user32

GetCursorPos
EnableMenuItem
GetKeyboardType
MessageBoxW
GetIconInfo
DrawFocusRect
GetSysColor
GetWindowTextA
LockWindowUpdate
CharPrevA
CreateDialogParamW
ActivateKeyboardLayout
CreateCursor
SetTimer
LoadCursorA
LoadMenuA
PostMessageA
AdjustWindowRect
CharToOemBuffA
TranslateAcceleratorA
IsMenu
FindWindowW
GetDCEx
IsCharUpperA
SetLastErrorEx
ShowOwnedPopups
CharPrevW
SendMessageTimeoutW
GetWindowTextW
EnumChildWindows
SetFocus
SetWindowLongA
GetClientRect
SetUserObjectInformationW
TileWindows
OemToCharA
DefWindowProcW
InsertMenuItemW
SetForegroundWindow
SendMessageW
IsWindow
SetScrollRange
GetClassLongW
GetClassInfoW
IsZoomed
GetScrollPos
UnloadKeyboardLayout
GetKeyNameTextW
AttachThreadInput
MonitorFromPoint
LoadStringW
ReleaseDC
ShowWindowAsync
GetMenu
FindWindowExW
VkKeyScanW
MapDialogRect
MessageBoxExA
GetDesktopWindow
GetMessagePos
DrawStateA
EqualRect
CheckRadioButton
GetMenuCheckMarkDimensions
SetWindowRgn
GetLastActivePopup
SetWindowPlacement
LoadAcceleratorsW
LoadAcceleratorsA
AdjustWindowRectEx
SendDlgItemMessageW
SetMenuDefaultItem
SendMessageA
GetDlgItemTextA
EnableWindow
MapVirtualKeyExW
GetMonitorInfoW
GetDoubleClickTime
RegisterClassExW
RegisterWindowMessageW
OemToCharBuffA
ChangeMenuW
SetDlgItemInt
GetFocus
CharToOemA
FrameRect
SwitchToThisWindow
TrackPopupMenu
KillTimer
CreateWindowExW
OffsetRect
DefDlgProcW
CharNextW
OpenIcon
mouse_event
DefFrameProcA
WindowFromPoint
DestroyWindow
wvsprintfW
GetUpdateRgn
ModifyMenuW
LoadImageW
ClientToScreen
GetParent
DefFrameProcW
GetMenuItemRect
MessageBoxA
GetPropW
IsWindowVisible

gdi32

CreateHatchBrush
SetMapMode
GetPaletteEntries
SetPaletteEntries
EnumFontFamiliesExW
GetTextExtentPointW
SelectPalette
SetWindowOrgEx
GetDIBits
UnrealizeObject
MoveToEx
OffsetViewportOrgEx
CreatePalette
SetROP2
CreatePatternBrush
CreateDIBitmap
WidenPath
RectInRegion
GetTextAlign
CreateBrushIndirect
ScaleWindowExtEx
DPtoLP
Polygon
OffsetRgn
SetBrushOrgEx
Polyline
CreateBitmap
Rectangle
CreateFontA
CreateFontIndirectA
SetLayout
RestoreDC
SetTextAlign
ScaleViewportExtEx
EndDoc
GetNearestPaletteIndex
SetBitmapDimensionEx
GetStockObject
Escape
SetViewportExtEx
GetTextExtentPoint32A
Ellipse
BeginPath
CreateFontW

psapi

GetProcessImageFileNameA

kernel32

GetCommandLineW
GetCommTimeouts
CreateMailslotW
SetSystemTime
LoadResource
GetProcessHeap
CreateFileA
TlsGetValue
FreeResource
FlushViewOfFile
CreateDirectoryW
GetTempFileNameW
VerSetConditionMask
CreateNamedPipeA
MultiByteToWideChar
GetFileAttributesExA
LocalSize
GetLocaleInfoA
DeleteFileA
GlobalMemoryStatusEx
ClearCommBreak
DeleteFileW
CreateRemoteThread
OpenFile
FindClose
WaitForMultipleObjectsEx
CallNamedPipeW
RaiseException
UnlockFile
GetThreadPriority
GetWindowsDirectoryW
AreFileApisANSI
GetStartupInfoA
IsBadReadPtr
RegisterWaitForSingleObject
GetUserDefaultLangID
HeapAlloc
TransactNamedPipe
LockResource
ExitThread
DeviceIoControl
VerifyVersionInfoW
GetLongPathNameW
GetComputerNameW
EnumResourceNamesA
FindResourceW
SetFileAttributesA
SetTimerQueueTimer
TerminateThread
ResumeThread
LoadLibraryA
lstrcatW
HeapFree
GetCommState
LeaveCriticalSection

Exports

Exports

?CancelValueExW@@YGPAHPAIPAEFPAH]A
?InsertTimerExA@@YGPADPAKPAKJ]A
?InsertNameExW@@YGKPAJ]A
?FormatHeaderEx@@YGMGPAE]A
?KillClassOriginal@@YGIDPAJPAGI]A
?CopyScreenOriginal@@YGPADPAM]A
?OnMonitorW@@YGEHIPAI]A
?CancelFolderPathExA@@YGDE]A
?DecrementTaskW@@YGPAGJPAIMI]A
?KillArgumentExA@@YGPAXD]A
?EnumWindowInfoOld@@YGXK]A
?AddObjectExA@@YGGIHN]A
?GenerateWindowInfoOld@@YGMPA_NGE_N]A
?IsNotListOld@@YGIEIH]A
?HideArgumentExA@@YGDPA_NIPAFK]A
?SetTimerExA@@YGGPA_NMJI]A
?IsTimeExA@@YGJPAGIPAGJ]A
?PutPathOriginal@@YGMPAKD]A
?ValidateRectOld@@YGFG]A
?InstallSizeW@@YGPADFF]A
?RemoveTextExA@@YGPAXHPAE]A
?CrtPointEx@@YGFE]A
?CallHeaderA@@YGJPAEIEPAJ]A
?AddOption@@YGXJKKH]A
?GetWidthOld@@YGXFHFM]A
?DeleteModuleOld@@YGXFH_N]A
?ShowTaskOld@@YGJ_NNPAD]A
?InstallProjectExW@@YG_NEPAKD]A
?RtlProfile@@YGFKIEPAK]A
?CallThreadExW@@YGPAXIPAK]A
?CancelCharOld@@YGMJE]A
?SendFunctionExW@@YGPAIDFPAKE]A
?RtlKeyboardNew@@YGPAIM_ND]A
?IsConfigNew@@YGFE]A
?FreeScreen@@YGKGE]A
?CallPointEx@@YG_NPAFJH]A

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8987adb45e5f97b0dd6cfe0fa7b6e2b5

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comdlg32

comctl32

user32

gdi32

psapi

kernel32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 192KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 193KB - Virtual size: 192KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB