a1d2bf7c7a8c03240a05c329b5060213_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1d2bf7c7a8c03240a05c329b5060213_JaffaCakes118
Size

214KB
MD5

a1d2bf7c7a8c03240a05c329b5060213
SHA1

c0a9c5bc7bce114165b7424917406912d33d1ea6
SHA256

6a6ffe2a1f774b456ec88ba31154f0891ba43a3287b2351852944537ff0cb423
SHA512

0ce8c5682cf63dba393d8483cb4f25041ddc361e17a063c18bc803b35166b4ae9a13ff6051773017e20acd758ca3450aa473377b2ae58d6fa29eb65a512add08
SSDEEP

6144:FRmrZRan33GZL3agYBwIrPja7e51jP+W3ZLLp027:jnnGTYBwkraQ3pd02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1d2bf7c7a8c03240a05c329b5060213_JaffaCakes118

Files

a1d2bf7c7a8c03240a05c329b5060213_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ede9d452ac4c53a2c60a889a0fc827d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\tcfkdKjvz\yDZtsxojga\XPsSJmzshvbgNY\xtbwkxq\mcqDfkhp.pdb

Imports

gdi32

GetClipBox
ExcludeClipRect
LPtoDP
CreateDIBSection
UnrealizeObject
GetLayout
CreatePatternBrush
RectVisible
GetDIBColorTable
PolyBezier
CreateBrushIndirect
ExtTextOutA
EnumFontsW
GetViewportOrgEx
EnumFontFamiliesW
DPtoLP
SaveDC
GetTextMetricsW
CreateCompatibleBitmap
GetNearestColor
SetMapMode
AddFontResourceW
GetObjectA
PtInRegion
GetTextExtentExPointW
TranslateCharsetInfo
GetTextCharsetInfo
RoundRect
CreateEllipticRgnIndirect
PathToRegion
CreatePalette
GetTextColor
GetTextExtentPointA
GetROP2
CreateHatchBrush
PatBlt
SetTextAlign

msvcrt

_controlfp
__set_app_type
strpbrk
strchr
wcsncpy
wcslen
wcsncmp
__p__fmode
strstr
clearerr
__p__commode
tolower
strcoll
fclose
putc
_amsg_exit
sscanf
_initterm
wcscpy
_acmdln
atoi
exit
getc
strcpy
_ismbblead
mbtowc
system
malloc
_XcptFilter
bsearch
_exit
perror
strspn
fgets
_cexit
__setusermatherr
iswalpha
isupper
__getmainargs
wcsrchr

user32

DrawStateA
LoadMenuW
DrawTextExW
GetDlgItemTextA
CharToOemBuffA
ClipCursor
GetNextDlgTabItem
InvalidateRgn
CreateDialogIndirectParamW
IntersectRect
GetKeyboardType
IsCharLowerA
MonitorFromPoint
MoveWindow
GetClipCursor
GetFocus
GetKeyboardLayoutNameW
ArrangeIconicWindows
EnableWindow
CascadeWindows
InflateRect
SetParent
PostQuitMessage
ActivateKeyboardLayout
SwapMouseButton
DeferWindowPos
GetDialogBaseUnits
SetWindowPos
BringWindowToTop
CharPrevW
AdjustWindowRectEx
UnloadKeyboardLayout
SetForegroundWindow
SendNotifyMessageW
OemToCharBuffA
DestroyCaret
CloseDesktop
CreateMenu
CheckMenuRadioItem
GetWindowTextW
ValidateRect
DispatchMessageW
LockWindowUpdate
IsChild
LoadStringW
GetWindowRect
ChildWindowFromPoint
GetUpdateRect
SendDlgItemMessageW
RegisterWindowMessageW
SetDlgItemInt
UnionRect
IsDialogMessageA
CreateWindowExW
DrawTextW
GetWindowTextA
SendMessageA
GetClassInfoExW
IsCharUpperA
CheckRadioButton
SendMessageTimeoutA
GetMenuItemID
DrawIconEx
DialogBoxParamA
CreateCaret
GetMenuStringW
RegisterClassExW
LoadBitmapA
MessageBoxExA
SetScrollRange
GetMenuCheckMarkDimensions
DeleteMenu
MessageBoxA
GetNextDlgGroupItem
SetActiveWindow
MapVirtualKeyW
wvsprintfW
SetCursor
GetWindowTextLengthW
LoadCursorW
FindWindowW
SetTimer
UpdateWindow
WaitMessage
TranslateAcceleratorA
InsertMenuW
SetLastErrorEx
CallWindowProcW
DefWindowProcA
GetMessagePos

kernel32

GlobalReAlloc
BuildCommDCBAndTimeoutsW
lstrcatA
LoadResource
GetNumberFormatA
IsValidLocale
ExitThread
SetErrorMode
GetCommState
SleepEx
GlobalAddAtomW
lstrcpyA
QueryDosDeviceW
GetSystemWindowsDirectoryW
TerminateThread
GlobalDeleteAtom
HeapUnlock
MoveFileExA
GetComputerNameExA
GetComputerNameExW
VirtualProtect
GetDateFormatA
GetStdHandle
TransactNamedPipe
GetFileInformationByHandle
FindCloseChangeNotification
lstrcmpW
ConnectNamedPipe
GetTickCount
GetStartupInfoA
LoadLibraryExW
AddAtomA
CompareFileTime
FileTimeToSystemTime
LoadLibraryA
GetTimeFormatA
MultiByteToWideChar
GetSystemDirectoryW
SetFileTime
GetLocaleInfoW
FreeResource

Exports

Exports

?SleepAhHJDud@@YGKEPA_WG@Z
?SleepUDSUDlkdlsds@@YGKEPA_WG@Z
?SleepUDudjkUD@@YGKEPA_WG@Z
?SleepYDyjDuUI@@YGKEPA_WG@Z

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ede9d452ac4c53a2c60a889a0fc827d1

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 81KB - Virtual size: 81KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 1KB - Virtual size: 57KB

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 81KB - Virtual size: 81KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 1KB - Virtual size: 57KB

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 2KB - Virtual size: 1KB