a7ee8daa4b7eb408444ef8bb65d3fc9e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7ee8daa4b7eb408444ef8bb65d3fc9e_JaffaCakes118
Size

60KB
MD5

a7ee8daa4b7eb408444ef8bb65d3fc9e
SHA1

6da7c48e72ac11ae5c81d5875e5969b509ca05fe
SHA256

762668ccaa4a1b4b9a0948a3ec959879fb3c60fb549673798b23b89d1e2c21ae
SHA512

320022ad321001040b2533fdefc0d8f507fcb6579d645403ca7473712c9d2a07a5769dfde5b77d7d3474caadfb1cdfd1ba84266be0b83cc16b9049f24e98e8c2
SSDEEP

1536:3v1g7DlQAkVb6JC5Qck6pUJKAq7eC70m:f1g75QBVu4jpU0eA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7ee8daa4b7eb408444ef8bb65d3fc9e_JaffaCakes118

Files

a7ee8daa4b7eb408444ef8bb65d3fc9e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

765c99aeef5eb587c5decdc1b96fcdbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\xyfUyyGi\czurorxuq\ymnUddvnK\gidgMYtxX\cbbNfiwuoFptqg.pdb

Imports

shlwapi

UrlGetLocationA
UrlIsOpaqueW

kernel32

SetFileApisToOEM
GetCommModemStatus
UnmapViewOfFile
CreateSemaphoreA
GetStdHandle
GlobalHandle
HeapLock
SetHandleCount
ClearCommError
LocalAlloc
GetACP
MoveFileA
VirtualQuery
GetLastError
GetUserDefaultLCID
FindNextChangeNotification
SetCommState
SetCurrentDirectoryA
FindCloseChangeNotification
GetVersion
lstrcmpiW
GetTickCount
lstrcpyW
CreateFileMappingA
AddAtomA
CreateNamedPipeA
GetModuleFileNameA
FlushViewOfFile
VerSetConditionMask
MoveFileExW
SleepEx
DefineDosDeviceW
FindResourceExA
GetPriorityClass
IsDBCSLeadByte
HeapAlloc
CreateRemoteThread
FindNextFileA
HeapFree
GetComputerNameExA

user32

DefWindowProcA
CheckDlgButton
ReplyMessage
DispatchMessageW
PeekMessageA
ClipCursor
LoadBitmapW
CreateIconIndirect
CreateIconFromResource
CreateWindowExA
ShowOwnedPopups
LoadBitmapA
DialogBoxParamW
AttachThreadInput
SetScrollRange
MapWindowPoints
RedrawWindow
CharNextExA
WaitForInputIdle
ScrollWindow
EnumChildWindows
GetMessageW
LoadImageW
PostThreadMessageA
wvsprintfW
EnableMenuItem
GetForegroundWindow
EndDialog
SetWindowPos
SetClassLongW
ChangeMenuW
CharPrevA
IsCharAlphaA
CharToOemW
OpenIcon
IsMenu
DrawTextW
SetWindowTextA
CharToOemA
GetAsyncKeyState
InsertMenuA
InvalidateRgn
GetCursorPos
IsWindowVisible
CopyAcceleratorTableW
GetActiveWindow
LoadIconW
GetKeyboardLayoutList
SetParent
DrawTextA
SetRect
DrawIcon
InsertMenuItemW
DrawStateW
DestroyCursor
AppendMenuA
GetClassLongA
GetDC
GetWindow
FindWindowExW
MonitorFromPoint
ReleaseDC
GetLastActivePopup
MessageBoxExW
wsprintfW
SetWindowPlacement
UpdateWindow
WaitMessage
CreatePopupMenu
CheckMenuItem
CreateCursor
CharUpperW
GetDCEx
GetClipCursor
GetMenu
GetScrollInfo
EnumThreadWindows
SwitchToThisWindow
CopyRect
IsWindow
GetCaretPos
AppendMenuW
CharToOemBuffA
GetUpdateRgn
SystemParametersInfoW

msvcrt

_controlfp
isupper
localtime
__set_app_type
qsort
sscanf
getc
__p__fmode
__p__commode
time
strpbrk
mktime
_amsg_exit
_initterm
rand
_ismbblead
isspace
malloc
setlocale
fgetc
_XcptFilter
_exit
wcsncmp
wcsncpy
wcsstr
atol
remove
towlower
getenv
_cexit
isdigit
printf
iswprint
__setusermatherr
fseek
__getmainargs

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 113B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 512B - Virtual size: 430B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

765c99aeef5eb587c5decdc1b96fcdbc

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 113B

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 91B

.run Size: 512B - Virtual size: 430B

.0dat Size: 24KB - Virtual size: 23KB

.data Size: 3KB - Virtual size: 2KB

.ram Size: - Virtual size: 39KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 113B

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 91B

.run
Size: 512B - Virtual size: 430B

.0dat
Size: 24KB - Virtual size: 23KB

.data
Size: 3KB - Virtual size: 2KB

.ram
Size: - Virtual size: 39KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 2KB - Virtual size: 1KB