96f064e79b1eb3a6b0aefed335a05d53_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

96f064e79b1eb3a6b0aefed335a05d53_JaffaCakes118
Size

218KB
MD5

96f064e79b1eb3a6b0aefed335a05d53
SHA1

666c654a2da11b16952c5acf57d000aca3edb6a6
SHA256

1444d016aef1d83705a986693d0c3b8d8b175b0497c94f82c2ed9129d6fabf3a
SHA512

a0ea2e2397a25d9bd924d215ed2d42dab74e80d60d47589acfaa01370ed9415a7d9fcbb7766e0c4a941101bd0dc98ca4bdfb4506fafd2d3bd33376f245e6c45b
SSDEEP

6144:kWDSJgeJHWVbx4OJtsRcM5+h0/9a5B5tLB:lgJgbmO/fMOK8l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96f064e79b1eb3a6b0aefed335a05d53_JaffaCakes118

Files

96f064e79b1eb3a6b0aefed335a05d53_JaffaCakes118
.exe windows:5 windows x86 arch:x86

42b7b3498c69ff469f0db8bee429b1c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\qlsgvuGioe\owmndltkcdkn\ilgGdvciSsVy\uwnHvizwX\vdwijRoeZLnRVG.pdb

Imports

gdi32

GetBitmapBits
Polygon
SetViewportExtEx
SaveDC
StartPage
CreatePenIndirect
GetROP2
GetCharWidth32W
EnumFontsW
RemoveFontResourceW
PathToRegion
GetDIBColorTable
SelectPalette
DPtoLP
Polyline
EndPage
CreateCompatibleDC
GetTextFaceW
RoundRect
SetTextAlign
MoveToEx
PtVisible
WidenPath
GetFontData
ResizePalette
SetMapMode
GetClipBox
GetTextCharsetInfo
SetViewportOrgEx
GetLayout
CreateBrushIndirect
SetBitmapBits
SetWindowOrgEx
GetCurrentObject
GetViewportOrgEx
EnumFontFamiliesW
CreatePolygonRgn
GetDIBits
BitBlt
PolyBezier
PatBlt
GetTextExtentPointA
TextOutA
CreatePen
DeleteDC
EnumFontFamiliesExW
GetTextExtentExPointW

msvcrt

isprint
_controlfp
wcsstr
__set_app_type
__p__fmode
wcstod
wcstol
floor
wcscoll
__p__commode
_amsg_exit
getc
_initterm
wcscat
strerror
_acmdln
time
iswxdigit
exit
iswdigit
printf
wcsncpy
_ismbblead
tolower
strcoll
_XcptFilter
strcspn
wcsrchr
mbstowcs
clock
sprintf
fprintf
_exit
free
_cexit
vsprintf
__setusermatherr
wcsncmp
__getmainargs
ungetc
gets
fflush
strncpy
fgets
fgetc
vswprintf

comdlg32

GetFileTitleW
CommDlgExtendedError
PrintDlgW
FindTextW

kernel32

GetSystemTimeAsFileTime
LocalUnlock
GetFileType
SetCommMask
SleepEx
CreateDirectoryW
SizeofResource
GetCurrentProcessId
SetHandleCount
CompareStringW
SetCurrentDirectoryW
CopyFileA
FindNextFileA
FlushFileBuffers
GetSystemDirectoryA
FindFirstChangeNotificationW
GetBinaryTypeW
CreateFileW
DisconnectNamedPipe
GetCommConfig
SetNamedPipeHandleState
GetStringTypeExW
WaitForMultipleObjects
RemoveDirectoryW
DeleteFileA
lstrcmpiA
lstrlenA
TlsFree
GetThreadLocale
SuspendThread
SetMailslotInfo
SetEndOfFile
OpenSemaphoreW
CopyFileW
EnterCriticalSection
ExitThread
GetStartupInfoA
CreateFileA
GetShortPathNameW
WriteFile
GlobalHandle
GlobalUnlock
VirtualQuery
HeapSize
ReadConsoleInputA
GetBinaryTypeA
GetCurrentThread
TryEnterCriticalSection
WideCharToMultiByte
CreateWaitableTimerW
FindNextChangeNotification
SetupComm

user32

CheckMenuRadioItem
ToUnicodeEx
LoadIconW
CharLowerA
IsChild
InvalidateRect
MessageBoxExA
GetDlgItemInt
SendNotifyMessageW
SetWindowRgn
GetMenuItemInfoW
SetCaretPos
LoadAcceleratorsA
GetClassInfoExW
DrawTextW
LoadMenuA
SetWindowPos
DrawAnimatedRects
GetMenuItemID
GetScrollInfo
PostMessageA
FindWindowA
EnumThreadWindows
InSendMessageEx
GetDCEx
IsCharLowerA
GetFocus
LoadAcceleratorsW
InsertMenuW
IsDlgButtonChecked
DestroyMenu
OpenIcon
CharLowerW
SetPropW
TranslateAcceleratorW
EndTask
CopyImage
SetWindowTextW
PtInRect
CharNextW
ReplyMessage
LoadCursorW
CharNextExA
CharNextA
DestroyCaret
GetMenuState
PostQuitMessage
UnionRect
SetUserObjectInformationW
SetRectEmpty
ChangeMenuW
SetScrollPos
RegisterWindowMessageA
TrackPopupMenu
CharToOemBuffA
GetScrollPos
OpenInputDesktop
ScreenToClient
GetDialogBaseUnits
TrackPopupMenuEx
AdjustWindowRect
CheckDlgButton
DrawTextA
InsertMenuItemW
ShowCursor
CallWindowProcW
DrawFocusRect
EnableScrollBar
IsDialogMessageA
SetWindowPlacement
FindWindowExW
UpdateWindow
GetMonitorInfoW
PostMessageW
ChildWindowFromPoint
GetCaretPos
BeginPaint
WaitMessage
SetRect
SetMenuItemBitmaps
ReleaseDC
EnableWindow
TranslateAcceleratorA
wsprintfA
GetUpdateRgn
GetSysColorBrush
CharUpperBuffW
MessageBoxA
IsRectEmpty
GetWindowTextLengthW
MapVirtualKeyW
SetForegroundWindow
CharToOemW
SendInput
InternalGetWindowText
SendMessageTimeoutA
RemovePropW
LoadImageA
MapDialogRect
DeleteMenu
GetDC
MonitorFromRect
SetWindowTextA
AppendMenuA
SetScrollRange
CharUpperA
LoadImageW
LoadBitmapA
LoadStringA
GetLastActivePopup
GetKeyState

Exports

Exports

?LoadAnchor@@YGPAHPAH&U
?GetWindowA@@YGPAJPAJPAJDI&U
?CrtMonitorA@@YGHHPAE&U
?CallDateTimeExW@@YGDHPAE&U
?IncrementMemoryW@@YGMF&U
?ValidateDialogOriginal@@YGPADFK&U
?KillProvider@@YGXG&U
?AddValueNew@@YGJPAMIHH&U
?FreeWindowEx@@YGPAXGDGK&U
?ModifyMessageW@@YGEENK&U
?RemoveSystemExA@@YGPAJKKDD&U
?ComponentOld@@YGJPAIFPAE&U
?InvalidateClassOld@@YGEMPAFEK&U
?CloseEventExA@@YGFPAMPAMPAJ&U
?InsertMutantOld@@YGDMPA_NPAG&U
?GlobalHeaderExW@@YGHPAF&U
?InvalidateAppNameNew@@YGFGN&U
?DecrementTimeA@@YGGPAJPAH&U
?GetFolderW@@YGPAEH&U
?PointerExA@@YGXPAKEE&U
?AddSemaphoreExW@@YGXHIE&U
?IsValidTaskW@@YGPAEPA_N&U
?StateOld@@YGFJG&U
?InvalidatePathOld@@YGXFFJH&U
?InsertWidthExA@@YGFPAEPAIK&U
?IsFileW@@YGPAXPAFD&U
?IsValidMutantExW@@YGX_NJPAM&U
?InstallRectOriginal@@YGDJK&U
?InvalidateProviderEx@@YGEE&U
?GenerateMutantA@@YGDHEPAMI&U
?PutMediaTypeExA@@YGPAFPAI&U
?GenerateDialog@@YGGPAF&U
?SetWindowOriginal@@YGIJJMK&U
?InstallFolderPathOriginal@@YGFPAHH&U

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42b7b3498c69ff469f0db8bee429b1c5

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

comdlg32

kernel32

user32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 82KB

.imdat Size: 1KB - Virtual size: 1KB

.edata Size: 1KB - Virtual size: 1KB

.vars3 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 60KB

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 82KB - Virtual size: 82KB

.imdat
Size: 1KB - Virtual size: 1KB

.edata
Size: 1KB - Virtual size: 1KB

.vars3
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 60KB

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 2KB - Virtual size: 1KB