a39068848dc4b06eacbe3946c6f9a156_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a39068848dc4b06eacbe3946c6f9a156_JaffaCakes118
Size

60KB
MD5

a39068848dc4b06eacbe3946c6f9a156
SHA1

b30997126ccbfb75cd3efb35c01d1686e49716e3
SHA256

03cdc8fad83bef3c8d6a42809ceede874518e435565776fdfbf77460c40c1271
SHA512

0ba1e8cc2732a3421d2905ab76cb4a26fa429cfa2a6eeb8d8a73644274bf296a803ac5196c5c643457a8df37cebd06ba781fd1b6094dd93bd75046bb663a10a1
SSDEEP

1536:FscopaELqhAkVb9W25QcsdgdAvp1gEK/:FwpaELqhBVJj+eF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a39068848dc4b06eacbe3946c6f9a156_JaffaCakes118

Files

a39068848dc4b06eacbe3946c6f9a156_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1a2e11119d1bdb803c564cd6ba3ff527

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\yIlgmnDiPoJOJu\croDuulkxqaq\Veyiypxefy\isaBrfeuc.pdb

Imports

comctl32

DestroyPropertySheetPage
PropertySheetA
CreateStatusWindowW
ImageList_Write
ImageList_Destroy
CreatePropertySheetPageW
ImageList_ReplaceIcon

user32

MonitorFromRect
GetSysColorBrush
SetDlgItemTextA
ScrollWindowEx
wsprintfW
DrawStateW
IsZoomed
DialogBoxParamA
GrayStringW
MessageBoxW
CharUpperW
TabbedTextOutW
LookupIconIdFromDirectory
MapWindowPoints
GetMenuCheckMarkDimensions
CharPrevW
GetMenuState
PostMessageA
GetMenuStringW
ToUnicodeEx
MessageBoxExW
CreateWindowExW
SendMessageTimeoutA
GetSystemMenu
GetDlgItem
GetScrollPos
DrawFrameControl
RegisterHotKey
SetRectEmpty
WaitForInputIdle
OpenInputDesktop
AttachThreadInput
GetWindowDC
DrawTextA
TranslateAcceleratorA
CreateIconFromResource
RedrawWindow
SetMenuItemBitmaps
CharLowerA
GetWindowLongA
GetMenuStringA
SetScrollRange
GetKeyboardType
CharLowerW
ChangeMenuW
IsCharAlphaA
GetMonitorInfoW
GetActiveWindow
FillRect
TrackPopupMenuEx
MapDialogRect
wsprintfA
FindWindowA
SetTimer
keybd_event
GetDC
LoadAcceleratorsA
CreateDialogParamW
CallWindowProcA
PostMessageW
SetDlgItemTextW
SetScrollInfo
DestroyWindow
ShowCaret
GetTopWindow
UnionRect
DrawFocusRect
LoadMenuA
SetMenuDefaultItem
EnableScrollBar
IsCharAlphaNumericW
LockWindowUpdate
ChildWindowFromPointEx
RegisterClassExA
IsWindowEnabled
GetWindowTextLengthW
GetSysColor
CreateDialogIndirectParamW
DrawIconEx
RegisterWindowMessageW
SetActiveWindow
SetCursor
GetShellWindow
DestroyCursor

msvcrt

_controlfp
time
wcsrchr
ungetc
towupper
swprintf
localtime
perror
__set_app_type
__p__fmode
__p__commode
_amsg_exit
strspn
strstr
islower
isupper
vsprintf
iswalpha
_initterm
wcsncpy
floor
wcscspn
_ismbblead
_XcptFilter
putc
strerror
printf
_exit
wcscat
_cexit
__setusermatherr
strchr
__getmainargs
bsearch
wcschr
iswctype

kernel32

GetCurrentThread
GetTimeFormatA
TryEnterCriticalSection
WaitForMultipleObjectsEx
GetTickCount
GetComputerNameW
WinExec
GetModuleFileNameA
GetExitCodeThread
GlobalGetAtomNameW
GetStartupInfoA
lstrcpynA
GetModuleFileNameW
SetThreadPriority
GetLocalTime
CreateSemaphoreA
SetThreadAffinityMask
CompareFileTime
GetCommTimeouts
lstrcpyW
RemoveDirectoryW
LoadLibraryW
HeapFree
RemoveDirectoryA
lstrcmpiW
FindResourceExA
GetFullPathNameW
SetFileAttributesA
FindResourceW
FlushViewOfFile
GlobalMemoryStatusEx
LockFile
FindNextFileW
SetupComm
SetHandleCount
GetWindowsDirectoryA
WriteFile
ReleaseMutex
CloseHandle

shlwapi

UrlGetLocationA
UrlIsOpaqueW

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 512B - Virtual size: 383B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a2e11119d1bdb803c564cd6ba3ff527

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

msvcrt

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 108B

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 91B

.run Size: 512B - Virtual size: 383B

.0dat Size: 24KB - Virtual size: 23KB

.data Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 512B

.ram Size: - Virtual size: 39KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 108B

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 91B

.run
Size: 512B - Virtual size: 383B

.0dat
Size: 24KB - Virtual size: 23KB

.data
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 512B

.ram
Size: - Virtual size: 39KB

.rsrc
Size: 2KB - Virtual size: 1KB