a7c7ac582a7eefdbac84d60f43aad03d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7c7ac582a7eefdbac84d60f43aad03d_JaffaCakes118
Size

149KB
MD5

a7c7ac582a7eefdbac84d60f43aad03d
SHA1

749478f3caf28b67ce82844fa4720b9d3bb4fb28
SHA256

5881ec15d67fb8ecd4db87c522646c48de1dffc3bca51d7f240962ee71fc2718
SHA512

054b4c55a7162e713bc94dc01ca2500cf97eaa22d0022bdb4ca7061d63a7ed5395e62f643d1a07cc02f6e572d11d99a1ba1e0b8769dc6aec916a27c6a2b9e17c
SSDEEP

3072:JOumxvF5itfNxwCQKNeY7Kwn3g+MAdOp2mlX323Ne6VFhEAeIk:4umxvmfM7KwwKkwhpdlXKfeA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7c7ac582a7eefdbac84d60f43aad03d_JaffaCakes118

Files

a7c7ac582a7eefdbac84d60f43aad03d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d16f83022063816dcb680f070fb847a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\dfczssB\RLbPqrdwwcogy\pilygolOjlhu.pdb

Imports

msvcrt

fgets
rand
_controlfp
isalpha
strtoul
strtok
strcspn
wcslen
mbstowcs
__set_app_type
__p__fmode
wcstoul
isspace
iswxdigit
strstr
__p__commode
_amsg_exit
ungetc
_initterm
strcpy
tolower
malloc
swprintf
isxdigit
localtime
strspn
_ismbblead
system
isupper
setlocale
_XcptFilter
_exit
wcsstr
memset
putc
strtol
strncmp
_cexit
iswspace
wcscpy
__setusermatherr
strerror
getc
__getmainargs
wcsrchr
clock
bsearch
wcstok
atoi

kernel32

CreateFileA
OpenEventA
SetPriorityClass
FindCloseChangeNotification
SetFileAttributesW
MoveFileA
lstrcpyW
EscapeCommFunction
GetTempPathA
SearchPathA
CreateNamedPipeW
FindFirstFileW
MoveFileW
FlushFileBuffers
CancelIo
SetHandleInformation
GetThreadPriority
SetHandleCount
LocalUnlock
GlobalDeleteAtom
FindNextChangeNotification
CreateWaitableTimerA
lstrlenW
GetTempFileNameW
FreeResource
HeapUnlock
SetCommTimeouts
SetWaitableTimer
HeapCreate
GetVersionExA
ReadFile
GetThreadLocale
GetCurrentDirectoryW
FlushViewOfFile
GetTickCount
FindNextFileA
VerSetConditionMask
GetFileAttributesExW
VirtualQuery
SetLastError
ReleaseMutex
ClearCommError
WaitCommEvent
LoadLibraryA
CompareFileTime
GlobalHandle
IsBadReadPtr
GetStartupInfoA
DeleteFileW
SetThreadContext
EnumResourceLanguagesA
GetDateFormatW
GetSystemTimeAsFileTime
HeapReAlloc
DeleteCriticalSection

user32

SetActiveWindow
SetCaretPos
ValidateRect
CharToOemBuffA
SendMessageTimeoutW
KillTimer
wsprintfW
IsCharAlphaNumericW
SetWindowTextW
SetMenu
CharNextW
SetWindowRgn
IsMenu
InvalidateRgn
GetMessageTime
GetMenuStringW
GetMenuItemRect
GetMessageExtraInfo
InsertMenuItemW
MoveWindow
SetDlgItemTextW
InsertMenuW
AttachThreadInput
ClientToScreen
SendInput
InternalGetWindowText
GetClassInfoExA
SetLastErrorEx
CreateIconIndirect
HideCaret
GetKeyboardLayout
DrawFrameControl
GetClipCursor
LoadIconW
DefWindowProcA
OpenInputDesktop
GetWindowLongA
SendNotifyMessageW
GetFocus
CallWindowProcA
SendMessageW
ShowCaret
FindWindowA
SendMessageTimeoutA
GetScrollRange
WaitMessage
SetScrollInfo
OpenIcon
ShowScrollBar
GetShellWindow
GetDlgItemTextA
SetScrollPos
LoadCursorA
GetDlgItemInt
ShowCursor
MapVirtualKeyA
EndPaint
VkKeyScanW
LoadMenuA
LoadMenuW
RegisterHotKey
OemToCharBuffA
DialogBoxIndirectParamA
GetMenuItemCount
CreateDialogParamA
InSendMessage
GetUpdateRect
CheckMenuRadioItem
DestroyCursor
SetUserObjectInformationW
SetForegroundWindow
OpenDesktopW
GetDlgCtrlID
CreateIconFromResource
RegisterClassA
GetUpdateRgn
GetWindowTextLengthW
WaitForInputIdle
CreateCaret
SetWindowLongA
CheckMenuItem
GetKeyNameTextW
SetMenuItemInfoW
GetDCEx
EnableScrollBar
ChildWindowFromPoint
ToUnicodeEx
SetParent
ReleaseDC
CharPrevA
GetClassLongW
GetClientRect
UnloadKeyboardLayout
ReplyMessage
CharUpperA
SetTimer
GetKeyboardType
GetNextDlgGroupItem
IsWindowEnabled
DrawTextA
TranslateAcceleratorW
IsIconic
LoadAcceleratorsW
GetParent
CopyAcceleratorTableW
DefFrameProcA
GetCursorPos
GetClassInfoExW
CheckDlgButton
DrawStateW
ShowWindowAsync
DestroyMenu
CharNextExA
GetActiveWindow
AdjustWindowRect
GetSystemMetrics
CheckRadioButton
RegisterWindowMessageW
ChangeMenuW
CharUpperBuffW

Exports

Exports

?ReadInfoFile@@YGK_KHE:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erts
Size: 512B - Virtual size: 83B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 512B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d16f83022063816dcb680f070fb847a2

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.init Size: 6KB - Virtual size: 5KB

.erts Size: 512B - Virtual size: 83B

.wall Size: 512B - Virtual size: 124KB

.info Size: 1024B - Virtual size: 704B

.data Size: 3KB - Virtual size: 2KB

.udata Size: 31KB - Virtual size: 31KB

.rsrc Size: 81KB - Virtual size: 81KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.init
Size: 6KB - Virtual size: 5KB

.erts
Size: 512B - Virtual size: 83B

.wall
Size: 512B - Virtual size: 124KB

.info
Size: 1024B - Virtual size: 704B

.data
Size: 3KB - Virtual size: 2KB

.udata
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 81KB - Virtual size: 81KB

.reloc
Size: 2KB - Virtual size: 1KB