a2a453547e61e7f68d408c266d2a15b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2a453547e61e7f68d408c266d2a15b2_JaffaCakes118
Size

222KB
MD5

a2a453547e61e7f68d408c266d2a15b2
SHA1

a82cac1fe8afe25b5f706a8b46bd98bc87e33ef0
SHA256

a1c39f54627dec2bd6ee767542e7b10c51f987247dfa29247ab975b8e43815ec
SHA512

fd529c9915903774f8ac069145f1817b130769b12de08b097791669447d9103cfb10cb0c7bc532ba2f68c05b166c15b9cf0b689a5026e98e2ccb033160d8042d
SSDEEP

6144:Es6/f1DJd8ulFaVjqGu2Jay/a9D8c5KO:EPBlFaVbJP/aKp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2a453547e61e7f68d408c266d2a15b2_JaffaCakes118

Files

a2a453547e61e7f68d408c266d2a15b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fd0ae633be223726a7867c012cabb950

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\qXnQtXpwnlK\ySNpZcpSjezixv\YvdHJDSt.pdb

Imports

user32

ShowCaret
PtInRect
IsRectEmpty
EqualRect
DrawFocusRect
SetCursorPos
CharLowerBuffW
ChildWindowFromPointEx
SetPropW
SetWindowTextW
GetUserObjectInformationA
VkKeyScanW
BringWindowToTop
DeleteMenu
DefWindowProcW
DestroyAcceleratorTable
wsprintfW
GetWindowPlacement
GetKeyNameTextW
EnableWindow
GetWindowLongW
GetIconInfo
CreateWindowExA
AdjustWindowRect
CreateCursor
GetAsyncKeyState
GetForegroundWindow
MapDialogRect
GetWindowTextLengthW
GetDCEx
EndPaint
SetWindowPos
CharPrevA
LookupIconIdFromDirectory
CallWindowProcW
LoadAcceleratorsA
DispatchMessageW
GetMessagePos
OpenIcon
CreateIconFromResource
GetDesktopWindow
GetWindowLongA
CopyRect
DrawStateW
DrawTextA
ShowWindowAsync
WaitForInputIdle
SetForegroundWindow
TrackPopupMenu
MessageBoxA
GetScrollInfo
GetClipCursor
GetWindow
CharToOemW
AppendMenuA
GetWindowRect
FindWindowA
SetScrollInfo
OpenInputDesktop
GetFocus
IsWindow
GetDC
IsCharLowerA
CreatePopupMenu
GetMessageExtraInfo
GetDlgItemInt
GetMenuStringA
GetLastActivePopup
SetWindowTextA
SendNotifyMessageW
WaitMessage
DispatchMessageA
TabbedTextOutW
SetMenu
CharToOemBuffA
FindWindowExA
DeferWindowPos
IsDialogMessageA
GetUserObjectInformationW
ValidateRect
SetSysColors
DefFrameProcW
GetMenuItemID
SetRect
EndDialog
LoadMenuA
TileWindows
OemToCharA
InflateRect
CheckMenuRadioItem
SetDlgItemTextA
CreateCaret
DefDlgProcW
SendDlgItemMessageW
CharUpperW
LoadAcceleratorsW
AdjustWindowRectEx
OpenDesktopW
CharLowerA
CallWindowProcA
IsCharAlphaW
DrawIconEx
DestroyMenu
SetWindowLongA
GetSubMenu
wsprintfA
GetSystemMenu
PeekMessageA

comdlg32

PageSetupDlgW
ReplaceTextW
GetOpenFileNameA
CommDlgExtendedError

comctl32

ImageList_AddMasked
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_SetIconSize
DestroyPropertySheetPage
CreatePropertySheetPageA

msvcrt

calloc
fgetc
strtol
_controlfp
strchr
__set_app_type
wcsncpy
__p__fmode
vswprintf
isupper
getenv
__p__commode
localtime
isalpha
mktime
wcscat
_amsg_exit
_initterm
fgets
clock
free
iswxdigit
_acmdln
isprint
exit
wcspbrk
_ismbblead
fputc
_XcptFilter
_exit
wcstol
strerror
wcstombs
_cexit
iswalpha
__setusermatherr
time
malloc
wcstoul
fprintf
wcschr
tolower
strtoul
sscanf
strspn
__getmainargs

kernel32

lstrcmpiW
SizeofResource
GetFileAttributesExA
GlobalSize
GetFullPathNameA
SetFileAttributesA
FindCloseChangeNotification
CompareStringA
LoadLibraryExA
CreateWaitableTimerA
IsBadReadPtr
GetLastError
HeapCreate
SetLocalTime
EnumSystemLocalesA
MoveFileExA
IsBadCodePtr
CreateFileW
FlushFileBuffers
GetCurrentProcessId
GetCommProperties
GetFileInformationByHandle
GlobalReAlloc
SetCommState
SleepEx
SetCommBreak
GetProcAddress
CloseHandle
FindResourceA
SetHandleInformation
VirtualAlloc
EnumResourceLanguagesA
UnmapViewOfFile
VirtualFree
MoveFileExW
WriteConsoleInputW
SetThreadAffinityMask
MapViewOfFile
SetPriorityClass
GetBinaryTypeW
GetSystemWindowsDirectoryA
GetAtomNameW
FileTimeToDosDateTime
GetUserDefaultLangID
LCMapStringW
ResumeThread
DefineDosDeviceW
SetupComm
HeapReAlloc
GlobalAddAtomW
GetCurrentProcess
DeviceIoControl
OpenEventA
SetCommTimeouts

gdi32

SetTextColor
GetCurrentObject
SetPaletteEntries
DPtoLP
RectInRegion
StartPage
SaveDC
EnumFontFamiliesW
FillRgn
GetTextExtentPointW
SetWindowOrgEx
GetCharWidth32W
SetWindowExtEx
GetTextColor
GetDeviceCaps
SetViewportOrgEx
EnumFontFamiliesExW
SetPixel
SetROP2
GetRgnBox
GetTextMetricsA
GetPaletteEntries
CreatePen
WidenPath
UnrealizeObject
AddFontResourceW
SetBkColor
ResizePalette
ExtFloodFill
CreateHalftonePalette
PtVisible
GetTextAlign
RealizePalette
SetBitmapDimensionEx
LPtoDP
RoundRect
Escape
GetLayout
MoveToEx
Rectangle
CreateFontA
CreateHatchBrush
CreateICW
SetAbortProc

Exports

Exports

?IsValidConfigExA@@YGJPAJPAGG~U
?FindPenOriginal@@YGXPAGEFJ~U
?CallSystemNew@@YGXPAI~U
?IncrementClassOriginal@@YGPADPAJ~U
?CloseKeyNameOld@@YGXPAK~U
?IsSizeA@@YGPAEE~U
?ValidateWindowInfoNew@@YGXNMGPA_N~U
?FreeTaskExA@@YGHPAKPAG~U
?InvalidatePointExW@@YGHIFHF~U
?InsertFullNameA@@YGPAXINIG~U
?KillAppNameExA@@YGPAKPAI~U
?FreeAnchorExA@@YG_NKI~U
?ValidateChar@@YGPAGIPAGK~U
?DeleteHeaderW@@YGKHKPAM~U
?ExpressionEx@@YGHDMDPAG~U
?KillValueOriginal@@YGGMPAMG~U
?EnumValueA@@YGXDFM~U
?CrtOptionA@@YGJMGJF~U
?ModifyTime@@YGXKPAD~U
?SetNameOriginal@@YG_NEPADPAF~U
?EnumAppName@@YGKHPANHE~U
?GenerateProviderOld@@YGPAJMPAEJ~U
?LoadMediaTypeExA@@YGDPAJJM~U
?CrtArgumentEx@@YGPAMH~U
?FormatThreadOld@@YGDPAI_NPAD~U
?CancelMediaTypeNew@@YGGPADJPANPA_N~U
?CloseWindowInfoOld@@YGEJNKPAE~U
?FormatFileA@@YGEPAG_N~U
?EnumRect@@YGXPAEPAMPAI~U
?CloseFileA@@YGGPAE~U
?CloseScreen@@YGPAKFHE~U
?RtlProjectOriginal@@YGXPADKHF~U

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 622B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd0ae633be223726a7867c012cabb950

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

comctl32

msvcrt

kernel32

gdi32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 192KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 5KB - Virtual size: 5KB

.bdat1 Size: 512B - Virtual size: 32B

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 622B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 193KB - Virtual size: 192KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 5KB - Virtual size: 5KB

.bdat1
Size: 512B - Virtual size: 32B

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 622B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB