a2f56911f72697b7fcb838b903a92c2f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2f56911f72697b7fcb838b903a92c2f_JaffaCakes118
Size

212KB
MD5

a2f56911f72697b7fcb838b903a92c2f
SHA1

643f018398631e72b51513831ac5422611a9d21f
SHA256

5da0da0e61eb72c9fd7c612e71795208cc1110dd03ad9339ab9108ee70d10246
SHA512

534f87c90bb9bdd8d016d1f0004bcbd2660183885c6ac4bda793cbbf9545708c4acd91bcf0d38fbbe1f8e17c4f8467d65fc5e9548623e3deab9fff6e3af58a79
SSDEEP

6144:rmtwG5zNXiBfNI1SIEItUwsmdI1EddjXERO/:bFh8kwU1md3/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2f56911f72697b7fcb838b903a92c2f_JaffaCakes118

Files

a2f56911f72697b7fcb838b903a92c2f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d3692d054325b18c7f3d35aca927b6fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\zygcaiwbw\jmmTnlf\hyDhbgHvIGbsv\YbTHGPrsoeyjv.pdb

Imports

user32

RemoveMenu
GetDlgItem
GetWindowRect
GetActiveWindow
ChangeMenuW
SetCaretPos
EndDialog
CloseDesktop
InsertMenuA
DefWindowProcA
GetMessagePos
DialogBoxIndirectParamW
CharToOemA
LoadMenuA
OemToCharA
WindowFromPoint
SetFocus
SwitchToThisWindow
SetTimer
LoadStringW
EndTask
TabbedTextOutW
LoadAcceleratorsW
GetSysColor
GetMenuItemInfoW
SendMessageTimeoutA
HideCaret
GetClassLongW
IsCharAlphaNumericW
GetWindow
CreateIconIndirect
SetSysColors
DrawEdge
RedrawWindow
SetForegroundWindow
DestroyCursor
UnloadKeyboardLayout
GetCursorPos
TranslateMessage
OffsetRect
GetAsyncKeyState
DrawTextW
GetWindowDC
GetScrollRange
GetWindowLongA
IsRectEmpty
SystemParametersInfoA
SetClassLongW
CascadeWindows
wvsprintfW
CallWindowProcA
GetMenuItemCount
CallWindowProcW
CreateMenu
SetCursorPos
GetSystemMenu
EndPaint
GetLastActivePopup
AdjustWindowRectEx
TranslateAcceleratorA
ShowWindowAsync
CharLowerW
ShowOwnedPopups
GetWindowPlacement
GetMessageTime
IsWindowEnabled
OemToCharBuffA
keybd_event
EnableMenuItem
InSendMessageEx
InSendMessage
ToUnicodeEx
DefFrameProcA
GetWindowTextW
CreatePopupMenu
LoadIconW
FindWindowA
GetDialogBaseUnits
GetMenuState
GetKeyState
DrawFocusRect
LoadIconA
SetLastErrorEx
SetMenu
CharUpperBuffA
LoadImageW
GetShellWindow
GetDlgItemTextA
IsDlgButtonChecked
SetRect
PostThreadMessageA
CheckRadioButton
GetCaretPos
ClipCursor
ScrollWindowEx
GetKeyNameTextW
IsCharLowerA
EnumChildWindows
MapDialogRect
MessageBoxExA
GetNextDlgTabItem
DefDlgProcW
CheckDlgButton
SetMenuItemBitmaps
GetUpdateRgn
DeleteMenu
RemovePropW

kernel32

HeapSize
ClearCommBreak
SetHandleCount
CreateEventW
CreateMailslotW
IsBadReadPtr
IsValidLanguageGroup
LoadLibraryA
VirtualAlloc
GetVersion
SetThreadAffinityMask
CreateMutexA
GlobalLock
IsBadCodePtr
GetCurrentThread
PulseEvent
FormatMessageW
UnhandledExceptionFilter
GlobalMemoryStatus
RemoveDirectoryA
GetFileTime
GetTimeZoneInformation
GetUserDefaultLCID
SetUnhandledExceptionFilter
CreateSemaphoreA
lstrcmpA
SetFilePointer
SetEndOfFile
SetSystemTimeAdjustment
GetTimeFormatW
GlobalAddAtomW
GlobalDeleteAtom
lstrcmpiW
GlobalGetAtomNameW
GetCommandLineA
lstrcpynW
CreateWaitableTimerW
SetPriorityClass
LoadResource
LoadLibraryW
CloseHandle
GlobalFindAtomW
EnterCriticalSection
GetSystemTimeAdjustment
CreateNamedPipeA
ConnectNamedPipe
VirtualQuery
OpenEventA
GetLocaleInfoW

msvcrt

fgets
iswxdigit
_controlfp
free
toupper
__set_app_type
isalpha
putchar
__p__fmode
wcstod
clock
iswprint
__p__commode
_amsg_exit
_initterm
_acmdln
exit
wcscat
gets
perror
wcscmp
strtok
setlocale
wcspbrk
strcpy
fgetc
strncmp
_ismbblead
_XcptFilter
wcstoul
getc
fflush
_exit
isupper
_cexit
strstr
strcspn
__setusermatherr
atol
fputs
fclose
__getmainargs
strpbrk
localtime
isspace

gdi32

SetWindowOrgEx
OffsetViewportOrgEx
GetTextColor
CreatePolygonRgn
CreateRoundRectRgn
SetAbortProc
GetTextFaceW
Ellipse
MoveToEx
SetDIBits
TextOutW
GetObjectA
SetLayout
DPtoLP
GetSystemPaletteEntries
GetTextExtentPointA
PtVisible
GetLayout
GetDIBColorTable
IntersectClipRect
SetBitmapDimensionEx
ExtFloodFill
GetTextExtentPointW
Escape
UnrealizeObject
ScaleViewportExtEx
PolyBezier
GetTextCharsetInfo
SetDIBitsToDevice
CreateBitmapIndirect
DeleteDC
SetViewportOrgEx
Polyline
CreateFontIndirectW
StartDocW
ExtTextOutA
SaveDC
FillRgn
PatBlt
SetROP2
ExtTextOutW
GetTextExtentPoint32A
GetCharWidth32W
PathToRegion

comctl32

ImageList_SetIconSize
DestroyPropertySheetPage
ImageList_LoadImageW
PropertySheetW
ImageList_Destroy
ImageList_Draw

Exports

Exports

?ModifyClassEx@@YGKMPAGPAI@Z
?FreeDialogNew@@YGMGPAM@Z
?IncrementWindowInfoNew@@YGPAFPAMJM@Z
?LoadAnchorEx@@YGPAJJJG@Z
?LoadArgumentEx@@YGJPAGMN@Z
?IsNotPointExA@@YGJPA_NKIF@Z
?CrtOptionOld@@YGXIPAE@Z
?SendClassOriginal@@YGDFPAKNPAM@Z
?EnumSizeOld@@YGPAFPAJ_N@Z
?RtlProjectExW@@YGXMPAMFPAF@Z
?CopySemaphoreExW@@YGGPAIPANF@Z
?SendObjectW@@YGFPA_NPAE@Z
?EnumFolderW@@YGPAEEPAFPAJD@Z
?FindPointerOriginal@@YGKPAFPAKH@Z
?CopyPointExA@@YGGK@Z
?RtlComponentEx@@YGDG@Z
?GenerateFolderA@@YGXMHD@Z
?HideTaskNew@@YGXD@Z
?InvalidateMutexOld@@YGXJJPAKG@Z
?InsertStringOld@@YGDPAJ@Z
?GetPointExA@@YGXPAJGPAIPAN@Z
?GenerateHeaderNew@@YGPAXN@Z
?CopyMonitorA@@YGFM@Z
?InsertFilePathW@@YGFDMJ@Z
?CallOptionW@@YGEPAE@Z
?IsNotCommandLineOld@@YGPAXMPAD@Z
?FormatFolderW@@YGMH_N@Z
?GetEventA@@YGEPAI@Z
?IncrementFunctionOld@@YGPAIPADM@Z
?OnSection@@YGHEPAEPAFK@Z
?InstallMonitorOld@@YGXEK@Z
?ValidatePenW@@YGNPAGEG@Z
?FullNameNew@@YGPAXE@Z
?CancelHeight@@YGPAFPAF@Z
?IsKeyNameNew@@YGXGN@Z

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tbl_i
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdat3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat0
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdat2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 757B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3692d054325b18c7f3d35aca927b6fd

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

gdi32

comctl32

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 184KB

.tbl_i Size: 1024B - Virtual size: 1024B

.tbl_e Size: 1KB - Virtual size: 1KB

.bdat3 Size: 512B - Virtual size: 32B

.bdat0 Size: 512B - Virtual size: 32B

.bdat1 Size: 5KB - Virtual size: 5KB

.bdat2 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 757B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 184KB - Virtual size: 184KB

.tbl_i
Size: 1024B - Virtual size: 1024B

.tbl_e
Size: 1KB - Virtual size: 1KB

.bdat3
Size: 512B - Virtual size: 32B

.bdat0
Size: 512B - Virtual size: 32B

.bdat1
Size: 5KB - Virtual size: 5KB

.bdat2
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 757B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB