acb07bf8f5c6671bbc8fe1fd56aeb620_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

acb07bf8f5c6671bbc8fe1fd56aeb620_JaffaCakes118
Size

215KB
MD5

acb07bf8f5c6671bbc8fe1fd56aeb620
SHA1

17237ab33ce189f73b9f0ea978f16ed618f791ca
SHA256

5c886c2c44a66b8bbaf4e80252fa962be18b45cf8a64f32c4eafee10ffd6a8e5
SHA512

e7181774a1ead468100d445a1a6013a33ece991afcff17d63e9c171fe33e6a5edb6c9b08d4765dff395519a8ff94402738b29ab93abd561dec43163ca7b44325
SSDEEP

6144:S8Nehe2W07UvD+WdXIv7LM3oQvxVjRPvGOX:Boz2nY3KoQpVx+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acb07bf8f5c6671bbc8fe1fd56aeb620_JaffaCakes118

Files

acb07bf8f5c6671bbc8fe1fd56aeb620_JaffaCakes118
.exe windows:5 windows x86 arch:x86

00facdbfd9c7ed25227fd2700e51beb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\uhjPaqxhxKwe\mkzKMfksUsem\qpkEpGTknsoc\nVGYhrFyabEjDa.pdb

Imports

msvcrt

perror
strncpy
atoi
fputc
floor
wcscpy
wcscat
_controlfp
__set_app_type
strcpy
__p__fmode
iswalpha
__p__commode
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
isalpha
_XcptFilter
strcoll
strtoul
putc
strcspn
wcschr
iswdigit
_exit
system
_cexit
toupper
wcstod
iswprint
setvbuf
realloc
__setusermatherr
__getmainargs
fclose
strspn
wcscspn

gdi32

CreateSolidBrush
GetClipBox
PolyBezier
ExtTextOutA
CreatePalette
ResizePalette
ScaleWindowExtEx
SetPixel
SetRectRgn
CreateEllipticRgnIndirect
LineTo
SetBkColor
SetBitmapBits
TextOutA
Rectangle
GetStockObject
SetViewportExtEx
SelectPalette
GetPixel
Polygon
EndPage
EnumFontsW
CreatePolygonRgn
CreateRectRgn
SetStretchBltMode
SetMapMode
SetWindowOrgEx
GetViewportOrgEx
EnumFontFamiliesExW
CreateHalftonePalette
CreateFontW
Ellipse
GetTextFaceW
SetLayout
RectVisible
GetTextExtentPoint32W
GetROP2

kernel32

GetSystemTimeAdjustment
LCMapStringA
GetFileInformationByHandle
GetTempPathA
GetWindowsDirectoryA
CreateFileMappingW
SetHandleInformation
IsBadStringPtrW
HeapReAlloc
VerifyVersionInfoW
GetExitCodeThread
ConnectNamedPipe
LoadLibraryW
LoadLibraryExA
GetLocaleInfoA
DeleteAtom
CompareStringA
WaitForSingleObjectEx
GetSystemWindowsDirectoryW
GetDateFormatW
GetFileType
lstrlenW
TransactNamedPipe
GetOEMCP
UnhandledExceptionFilter
SetFileTime
GetNumberFormatA
GetShortPathNameA
GetTimeFormatW
CreateNamedPipeW
BuildCommDCBAndTimeoutsW
SearchPathW
GetTickCount
TlsSetValue
lstrcpyA
SetErrorMode
GetAtomNameA
GetModuleFileNameW
VirtualQuery
GetCommandLineW

user32

GetDoubleClickTime
CloseDesktop
GetClassNameW
FindWindowExA
RegisterWindowMessageW
OpenDesktopW
CharNextA
DrawIconEx
MessageBoxExA
GetMenuItemRect
GetKeyboardLayoutNameW
IsCharUpperA
CreateWindowExA
GetKeyboardType
AdjustWindowRect
SetLastErrorEx
WaitForInputIdle
OpenIcon
SystemParametersInfoW
DrawFrameControl
GetDlgItemTextA
MessageBoxExW
AdjustWindowRectEx
InSendMessage
GetMenuItemInfoW
InternalGetWindowText
CheckMenuRadioItem
InflateRect
GetClassInfoExW
InsertMenuA
CharLowerW
GetClientRect
InsertMenuW
SetWindowTextA
GetFocus
SetWindowLongA
GetScrollInfo
IsWindowUnicode
EndDialog
IsZoomed
GetDesktopWindow
ToUnicodeEx
PostThreadMessageA
MonitorFromPoint
GetDlgItemTextW
GetSysColorBrush
IsCharLowerA
IntersectRect
LoadMenuW
SetParent
ShowWindow
GetWindowLongW
DrawTextW
CreateIconFromResource
RegisterClassW
SendDlgItemMessageW
ClipCursor
IsDialogMessageW
RemovePropW
GetMenuItemID
GetMenu
ScrollWindow
ModifyMenuW
PostMessageW
LoadBitmapW
CopyAcceleratorTableW
GetPropW
GetNextDlgGroupItem
SendMessageTimeoutW
ValidateRect
SetTimer
ChangeMenuW
GetKeyboardLayoutList
DestroyAcceleratorTable
MoveWindow
GetMonitorInfoW
GetMessageW
SetPropW
IsWindowEnabled
CreateDialogIndirectParamW
GetUpdateRect
MapVirtualKeyExW
CharUpperW
CopyImage
EnumWindows
GetCaretPos
TranslateAcceleratorA
DrawMenuBar
SetDlgItemTextW
CascadeWindows

Exports

Exports

?AddTimeOld@@YGPAJEMD&U
?CancelDirectoryOld@@YG_NPAEPAIF&U
?FreeCharNew@@YGFPAGF&U
?DecrementEvent@@YGPAIJ&U
?AnchorEx@@YGHPAEF&U
?ModifyConfigExW@@YGMPAHHDPAG&U
?CharEx@@YGPAFPAEM&U
?CancelSystemEx@@YGHPAEHJPAE&U
?ClosePathNew@@YGID&U
?CallMonitorA@@YGKPAMGG&U
?FreeArgumentNew@@YGXK_N&U
?EnumMutantOld@@YGDEPAF&U
?InvalidateWindowInfoW@@YGNPAMPAGPAJJ&U
?KillSemaphoreOriginal@@YGXPAMD&U
?GenerateMutexNew@@YGNPAHH&U
?SendMonitorExA@@YGDPAFPAMK&U
?ModifyPointOriginal@@YGM_ND&U
?ShowDateOld@@YGPAE_NPAHPAKPAI&U
?SendExpression@@YGPAGJ&U
?InstallPointerNew@@YGGHPAE_N&U
?CopyAnchor@@YGPADJF&U
?GetMonitorEx@@YGJH&U
?CancelConfigExW@@YGXPAFFPANPAJ&U
?InvalidateFileExW@@YGEFPAK&U
?IsNotSemaphore@@YGJJJ&U
?RtlTimeA@@YGXPAEJ&U
?OnPath@@YGPAGGPAGPANE&U
?ValidateProviderOld@@YGPAFJJI&U
?RemoveListItemOld@@YGKPAFPAIPAGPAH&U
?KillTextEx@@YGHPAHHD&U
?InsertWidthNew@@YGXPAEPAI&U
?LoadTaskOld@@YGMPAKPAIEK&U
?RtlWindowInfoA@@YGXPAEGDPAD&U
?HideSectionA@@YGPAD_NG&U
?GenerateOptionOld@@YGPAXPAEIEJ&U

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00facdbfd9c7ed25227fd2700e51beb2

Headers

File Characteristics

PDB Paths

Imports

msvcrt

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 81KB

.imdat Size: 1024B - Virtual size: 840B

.edata Size: 1KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 1024B - Virtual size: 56KB

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 82KB - Virtual size: 81KB

.imdat
Size: 1024B - Virtual size: 840B

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 1024B - Virtual size: 56KB

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 2KB - Virtual size: 1KB