a414f59e247b2c7622b0c931e398f0eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a414f59e247b2c7622b0c931e398f0eb_JaffaCakes118
Size

147KB
MD5

a414f59e247b2c7622b0c931e398f0eb
SHA1

2e0a63c0cd8cc48c01015860d3692046ef8d3f1e
SHA256

79da960173d878de4a55601f2ea310fcc63f246f0252d5078f804ad00f359d1b
SHA512

81c9818f6b8491838777c59b09fda488b32880fc79bdbe7be93b4e5ed35295a3b0d2e795f54456bc9c3ff5f2207941b2fc5ae327e52916c5b4ce8f12073c81fb
SSDEEP

3072:s/i7yssvAr6QO/CsshSaYQXxtpruWBlPqC0CxCbyl4Oi:Uss4rg69hSaYGrjBliCjC+l5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a414f59e247b2c7622b0c931e398f0eb_JaffaCakes118

Files

a414f59e247b2c7622b0c931e398f0eb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f1393c8e5e23a396f51c65968bdceaef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\ciscjLKPWZPgR\hSSwWnbYfzudzo\iKhwfDeSpRtiaY\DTuMepikboImq\nAfmYQcoEc.pdb

Imports

msvcrt

_controlfp
wcschr
strcspn
tolower
fgetc
islower
__set_app_type
mktime
clock
printf
fgets
__p__fmode
__p__commode
iswctype
fprintf
_amsg_exit
_initterm
_acmdln
qsort
perror
fputc
exit
strtol
wcscpy
strcoll
_ismbblead
wcscspn
_XcptFilter
malloc
setlocale
isupper
_exit
mbstowcs
vswprintf
sprintf
realloc
iswprint
ftell
_cexit
__setusermatherr
wcscoll
strncmp
__getmainargs
ungetc
strncpy
getenv
wcspbrk
puts
localtime

user32

UpdateWindow
IsDlgButtonChecked
RegisterClassExW
CheckMenuRadioItem
AdjustWindowRect
TranslateMessage
CharLowerA
GetMessageA
SetRect
FindWindowExW
EnableMenuItem
GetUserObjectInformationA
EnumChildWindows
IsDialogMessageW
TrackPopupMenuEx
FindWindowExA
IsWindowEnabled
IsWindow
InSendMessage
DrawMenuBar
HiliteMenuItem
WaitForInputIdle
SetTimer
CharToOemA
OpenDesktopW
MapVirtualKeyW
DestroyCursor
RegisterClassA
InSendMessageEx
GetMenuItemID
GetWindowRect
SendDlgItemMessageA
GetClassInfoExW
SetDlgItemTextA
GetDlgItemTextA
SetUserObjectInformationW
EnumWindows
LoadBitmapA
OemToCharA
MonitorFromRect
DrawFrameControl
GetDlgItemTextW
GetUpdateRect
CreateMenu
DrawStateW
SendDlgItemMessageW
CharToOemW
MoveWindow
CharUpperBuffA
GetSystemMetrics
ChildWindowFromPointEx
SetWindowTextW
DrawEdge
GetDC
IsCharUpperA
DrawStateA
GetMessageTime
MapVirtualKeyExW
SendMessageTimeoutA
SetWindowLongA
InsertMenuW
IsWindowUnicode
SendMessageW
ReleaseDC
EndPaint
DrawIcon
TileWindows
ModifyMenuW
MapDialogRect
GetWindowDC
GetKeyboardLayout
ChangeMenuW
DialogBoxIndirectParamW
MonitorFromPoint
RemovePropW
SetMenuItemInfoW
ShowWindow
GetMenuCheckMarkDimensions
CopyImage
CharNextA
RegisterHotKey
ScrollWindowEx
CreateAcceleratorTableW
IntersectRect
EqualRect
GetActiveWindow
WaitMessage
MapVirtualKeyA
GetClassLongW
AdjustWindowRectEx
SetWindowPos
GetFocus
InsertMenuA
SetScrollRange
GetIconInfo
IsMenu
AllowSetForegroundWindow
CheckMenuItem
UnionRect
IsZoomed
CreateIconFromResource
GetUserObjectInformationW
LookupIconIdFromDirectory
CharLowerBuffW
PeekMessageA
DestroyWindow
PostMessageA
DragObject
GetSysColor
AppendMenuW
SetCursorPos
DestroyAcceleratorTable
GetMessageW
ShowCaret
ClientToScreen
LoadMenuW
SystemParametersInfoA
SendNotifyMessageW
LoadIconA
DrawTextExW
GetShellWindow

gdi32

CreateBitmap
GetMapMode
GetTextMetricsW
CreateDIBitmap
CreateFontIndirectA
SetBkMode
CreateRoundRectRgn
DPtoLP
CreateFontA
SetWindowExtEx
ScaleViewportExtEx
GetTextCharsetInfo
CreateDiscardableBitmap
SelectObject
LineTo
GetSystemPaletteEntries
EndPage
CreateHalftonePalette
GetTextExtentPoint32W
OffsetViewportOrgEx
CreateRectRgnIndirect
GetPixel
GetPaletteEntries
SetROP2
EndPath
PolyBezier
GetTextAlign
SelectPalette
RectVisible
GetLayout
PathToRegion
Polygon
GetDIBits
GetDIBColorTable
CreateRectRgn
PtInRegion
CreateCompatibleDC
SetBitmapBits
ScaleWindowExtEx
GetViewportOrgEx
CreateDCW
SetDIBitsToDevice
GetRgnBox
StretchBlt
SetMapMode
CreateBrushIndirect
SetTextAlign
GetSystemPaletteUse
EndDoc
SetStretchBltMode
GetClipBox

shlwapi

StrChrIA

kernel32

GlobalAlloc
ResetEvent
IsBadStringPtrW
GetUserDefaultUILanguage
OpenFile
SetFileApisToOEM
DefineDosDeviceW
IsBadReadPtr
GetFileAttributesExW
UnmapViewOfFile
CompareFileTime
GetFileAttributesW
SuspendThread
SetMailslotInfo
GetComputerNameW
lstrcpynA
LoadLibraryA
GetVersion
GetBinaryTypeA
ReadFile
CreateThread
GetSystemTimeAdjustment
FlushFileBuffers
GetTempPathW
GetCurrentDirectoryW
CompareStringW
Sleep
LockFile
GetFileType
GetModuleHandleA
HeapWalk
GetModuleFileNameW
FindFirstChangeNotificationW
SetThreadContext
GetWindowsDirectoryA
GlobalGetAtomNameA
VerifyVersionInfoW
MoveFileA
AreFileApisANSI
GetModuleFileNameA
GetComputerNameExW
GetStdHandle
GlobalGetAtomNameW
CreateFileMappingW
CreateFileA
CreateDirectoryA
FindResourceW
VirtualQuery
GetBinaryTypeW
SearchPathA
OpenSemaphoreW
WaitForSingleObject
UnlockFile
GetNumberFormatA
GlobalCompact
HeapSize

Exports

Exports

?ShowMessageEx%%DFXG~U
?IsWidthNew%%DFMPAK~U
?MonitorExA%%DFNMPAEPAI~U
?GetMemoryOld%%DFXPAN~U
?OnArgument%%DFPADPAIPAJ~U
?EnumPenExA%%DFKPAKF_N~U
?DecrementFolderPathW%%DFFGKKJ~U
?RemoveFunctionA%%DFFH~U
?IsComponentW%%DFJF~U
?AddFolderW%%DFPAXGPAJ~U
?GetFullNameW%%DFGHKPAG~U
?RtlListOriginal%%DFXEJ~U
?FormatFullNameW%%DFPADPAHG~U
?IsMediaTypeA%%DFIJDPAIPAG~U
?ValidateHeightExW%%DFPAEE~U
?IsValidFolderW%%DFNPAFJ~U
?IsValidPointerExW%%DFPAHI~U
?FreeTimeW%%DFX_N~U
?EnumProcessExA%%DFEPA_NPAD~U
?CancelSemaphoreExA%%DFEDPAGF~U
?ShowDataExW%%DFGF~U
?DeleteVersionEx%%DFXPADJ~U
?EnumMutantOld%%DFGK~U
?AddWindowW%%DFMNDPAD~U
?KillComponentExA%%DFPAIJHGPAF~U
?GetTimeExA%%DFPAINK~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?GenerateAnchorEx%%DFPAKHKMG~U
?AddProcessOriginal%%DFMPADJEJ~U
?InvalidateTextOld%%DFPAKFJ~U
?GenerateModuleOld%%DFPAFI~U
?IsValidMemoryNew%%DFFJGDK~U
?CancelTimerEx%%DFPAHPADF~U
?ValidateWindowOld%%DFXHPAJJPAK~U
?CopyScreenOld%%DFPAKGJ~U
?SetSize%%DFPAGJDPAHD~U

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1393c8e5e23a396f51c65968bdceaef

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

gdi32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.ticx Size: 7KB - Virtual size: 7KB

.zdata Size: 1024B - Virtual size: 768B

.data Size: 4KB - Virtual size: 126KB

.rsrc Size: 110KB - Virtual size: 109KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 21KB

.ticx
Size: 7KB - Virtual size: 7KB

.zdata
Size: 1024B - Virtual size: 768B

.data
Size: 4KB - Virtual size: 126KB

.rsrc
Size: 110KB - Virtual size: 109KB

.reloc
Size: 2KB - Virtual size: 1KB