Static task
- static1
Behavioral task
- behavioral1: Sample a9f1b25f9926e86b5283475f9ccded92_JaffaCakes118.exe, Resource win7-20240704-en
- behavioral2: Sample a9f1b25f9926e86b5283475f9ccded92_JaffaCakes118.exe, Resource win10v2004-20240802-en
General
- Target: a9f1b25f9926e86b5283475f9ccded92_JaffaCakes118
- Size: 214KB
- MD5: a9f1b25f9926e86b5283475f9ccded92
- SHA1: 36a29d20e196518a7f32c9a7f7c8497afec3c233
- SHA256: ec17c8a9397fd0563453c9d81c67e5e4582e4826221e060e4c192cb5c0efdb2e
- SHA512: 169b5f40554d6f85429799f79404f411d6de461a22a25745c081b352f77024bac9d2671169a5e372abdc4af7014ed5980523481dbd2f5e4584fc4b703ef5a200
- SSDEEP: 6144:owStAMg2Mzzn+Www7b2lcrEDxLV3Zp3qopOZewzK:oxnA/+G7b2q83qosZjm
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource a9f1b25f9926e86b5283475f9ccded92_JaffaCakes118
Files
- a9f1b25f9926e86b5283475f9ccded92_JaffaCakes118.exe windows:5 windows x86 arch:x86
  aa26228ac3a4432a4340b808153b8c7c
Headers
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths: U:\EzpqplxE\rGhftdslfb\nJckzNvsgrcf.pdb
Imports
user32
DrawTextW
SetRectEmpty
GetWindowDC
GetDlgItem
SendDlgItemMessageW
SendMessageTimeoutW
InvertRect
AppendMenuA
CharNextExA
ShowOwnedPopups
GetScrollRange
LoadCursorA
GetKeyboardLayoutList
ShowWindowAsync
GetWindowTextA
CharLowerBuffW
DrawIconEx
ScrollWindowEx
SendInput
MapVirtualKeyW
GetAsyncKeyState
SetWindowPos
CharLowerW
MessageBoxExA
GetMessageW
LoadIconA
SendNotifyMessageW
CopyAcceleratorTableW
DefWindowProcA
GetCaretPos
SetCursorPos
SetWindowTextA
IsCharAlphaW
TrackPopupMenu
CopyRect
ClientToScreen
CharPrevW
SendDlgItemMessageA
CreateDialogParamA
CallWindowProcA
EqualRect
MonitorFromPoint
OemToCharBuffA
LoadIconW
PostThreadMessageA
AllowSetForegroundWindow
GetCursorPos
IsDialogMessageA
GetWindowRect
PostQuitMessage
InflateRect
IsDialogMessageW
SetMenuItemInfoW
MapWindowPoints
SystemParametersInfoW
LoadCursorW
AppendMenuW
DragObject
SwitchToThisWindow
mouse_event
DefDlgProcA
IsDlgButtonChecked
GetWindowLongA
GetIconInfo
OemToCharA
FillRect
GetMessageExtraInfo
DestroyWindow
GetMenuStringA
DestroyAcceleratorTable
GetForegroundWindow
LoadMenuW
GrayStringW
MessageBoxExW
CharLowerA
DrawIcon
GetSubMenu
OpenIcon
SetWindowRgn
CreateDialogIndirectParamW
SendMessageTimeoutA
ClipCursor
EndDialog
GetNextDlgGroupItem
EnumWindows
InsertMenuA
DestroyCaret
HideCaret
InvalidateRect
GetMenuStringW
GetClassLongA
ShowCaret
DestroyMenu
GetDoubleClickTime
DialogBoxParamW
SetMenu
GetMenuState
CloseDesktop
SetCursor
DispatchMessageW
EnableMenuItem
CreateWindowExA
LoadAcceleratorsW
CreateIconIndirect
RemovePropW
CopyImage
UnionRect
TrackPopupMenuEx
GetSysColorBrush
SetActiveWindow
GetWindowLongW
CheckMenuRadioItem
InsertMenuW
wvsprintfW
OpenInputDesktop
CharUpperBuffW
LoadBitmapA
BeginDeferWindowPos
RegisterWindowMessageA
ActivateKeyboardLayout
LoadMenuA
gdi32
EndPath
SetTextColor
RestoreDC
StartDocW
OffsetRgn
SetWindowOrgEx
GetTextExtentPointW
LineTo
WidenPath
Rectangle
IntersectClipRect
PatBlt
RealizePalette
TextOutA
SetBrushOrgEx
LPtoDP
ScaleWindowExtEx
BitBlt
CreateFontA
GetClipBox
UnrealizeObject
GetBkMode
LineDDA
SetDIBColorTable
CreateSolidBrush
CombineRgn
CreateBrushIndirect
SelectClipRgn
StartPage
Polyline
StretchBlt
GetBitmapBits
SetTextAlign
FillRgn
GetFontData
CreateEllipticRgnIndirect
GetSystemPaletteEntries
Escape
GetTextAlign
GetPaletteEntries
AddFontResourceW
ExtTextOutA
RectInRegion
BeginPath
CreateCompatibleBitmap
GetROP2
GetTextExtentPoint32A
SetBitmapBits
SetStretchBltMode
ExtFloodFill
EndPage
kernel32
SetTimerQueueTimer
GetNumberFormatA
GetThreadPriority
FindResourceExA
SearchPathW
QueryPerformanceCounter
GetCompressedFileSizeW
lstrcpynW
IsBadStringPtrW
SetNamedPipeHandleState
HeapWalk
LoadLibraryA
WaitForMultipleObjects
GetLastError
ClearCommBreak
SetThreadExecutionState
GetCommandLineW
AreFileApisANSI
CreateThread
TlsFree
GetUserDefaultLCID
SetLocalTime
FindCloseChangeNotification
FoldStringW
WriteFile
LCMapStringA
SetHandleInformation
VirtualProtect
GetModuleFileNameA
GetLocaleInfoA
ClearCommError
LocalFree
DuplicateHandle
GetSystemWindowsDirectoryA
SetThreadContext
GetACP
GetAtomNameA
DefineDosDeviceW
CreateNamedPipeA
SystemTimeToFileTime
TerminateThread
SetFileApisToOEM
ReadFile
GetCommModemStatus
GetModuleHandleA
CreateSemaphoreW
OpenFile
SuspendThread
GetWindowsDirectoryW
GetShortPathNameA
FindFirstFileW
DeleteCriticalSection
GetCurrentThread
ConvertDefaultLocale
GetStartupInfoW
SetEvent
DisconnectNamedPipe
msvcrt
fwrite
sscanf
wcsstr
_controlfp
setvbuf
__set_app_type
__p__fmode
iswxdigit
wcstol
__p__commode
ftell
_amsg_exit
bsearch
rand
wcsrchr
isspace
_initterm
wcscmp
iswspace
fputs
setlocale
iswctype
isprint
tolower
_acmdln
putc
remove
fclose
isdigit
ungetc
exit
_ismbblead
malloc
strerror
clearerr
wcslen
atol
iswdigit
puts
wcscspn
_XcptFilter
_exit
calloc
wcsncmp
_cexit
__setusermatherr
strncmp
__getmainargs
strtol
Exports
?DeleteCharNew@@YGPAXE_N]A
?ModifyDateW@@YGPAJJ]A
?ValidateMediaTypeW@@YG_NPAJPAMM]A
?GetProcessEx@@YGPAG_NKED]A
?OnExpressionA@@YGKPADFG]A
?EnumFunctionExW@@YGXGHJ]A
?ModifyFolderPathOriginal@@YG_NGEPAMPAD]A
?GlobalFilePathExA@@YGDJF]A
?LoadFunctionExW@@YGIPAJ]A
?AddOptionEx@@YGMKN]A
?InsertClassOriginal@@YGGJG]A
?ArgumentExW@@YGHDPAHPADM]A
?OnComponentExW@@YGPAIPAFKPAE]A
?InsertPointOld@@YGPAIPAHPAIPAJ]A
?DecrementNameOld@@YGMPAMI]A
?CallArgumentEx@@YGHF]A
?GenerateMemory@@YGMPADPADPAJ]A
?GlobalConfigA@@YGEFFDPAN]A
?InvalidateProfileW@@YGHDIPAF]A
?GetNameA@@YGFGDPAF]A
?GenerateFullNameOriginal@@YGPA_NHF]A
?AddProfileExA@@YGPAJMPAED]A
?CancelProviderOld@@YGXPADDEPAJ]A
?KillEventOriginal@@YGXF]A
?SendValueOriginal@@YGDHPA_N]A
?ValidateTextOld@@YGDD]A
?InsertProcessA@@YG_NPAJPAJJD]A
?EnumObject@@YGPAXPAMPAG]A
?FilePathA@@YGPAHM_N]A
?RtlFunctionExW@@YGJPANGMPAE]A
?InsertValueOld@@YGPA_NJPAEGPAJ]A
?ValidateMessageOriginal@@YGK_NG]A
?InsertCharOld@@YGPAIPA_N]A
?IsNotFolderExW@@YGHG]A
?ModifyPenOriginal@@YGGF]A
?GetWindowInfoNew@@YGHKPAMGPAD]A
?ShowMemoryA@@YGDNPAHH]A
?InstallKeyNameExA@@YGEJEPAEPAK]A
?GlobalStringOriginal@@YGPA_N_NEJ_N]A
?CopyListEx@@YGNF]A
?DecrementSectionW@@YGJF]A
?SendModuleExA@@YGXG]A
?ModifyClassExA@@YGPAFHHG]A
?KillAnchorExW@@YGNPAMI]A
?CopyProjectOld@@YGMKPAG]A
?PutSemaphoreNew@@YGDG]A
?CancelDeviceExA@@YGEIPAFG]A
?CancelFolderEx@@YGFHH]A
?HideNameExA@@YGPAE_NPAHD]A
?DeletePathExW@@YGKIH]A
?IsNotKeyNameOriginal@@YGEKJ]A
?FormatWindowEx@@YGJPAHG]A
?DecrementExpressionOriginal@@YG_NIJFD]A
?CopyFullNameOriginal@@YGPAJPAFGE]A
?AddWidthA@@YGXJEPAI]A
?LoadSystemOld@@YGJPAD]A
?ValidatePointerExW@@YGXPAFH]A
?SetProfileOriginal@@YGFKPAD]A
?CloseRectNew@@YGIPAEJPAI]A
?GlobalMonitorExW@@YGDIJPAD]A
?SendCommandLineA@@YGPAIPADPAD_NPAE]A
?GetFunctionNew@@YGFJJD]A
?LoadConfigOriginal@@YGIDNPAD]A
?FindProjectEx@@YGMN]A
?AddEventOriginal@@YG_N_NPAKED]A
?CopyFullNameExA@@YGPAGG]A
?CancelAnchorExA@@YGEIE]A
?IsWindowEx@@YGPAI_NPAHM]A
?ValidateWindowInfoOld@@YGXPAFMEE]A
?GetFilePathExW@@YGHDJ]A
?InvalidateValueOriginal@@YGPAFPAH]A
?FormatStateExA@@YGHKHK]A
?DeleteFullNameExA@@YGKEEPAME]A
?KillFolderOriginal@@YGPAJ_NNPAK]A
?AddDateOriginal@@YGXE]A
?FindHeaderEx@@YGK_N]A
?RemoveMessageExW@@YGPA_NF]A
?InsertSemaphoreEx@@YGPAKHPAH]A
?KillSemaphoreNew@@YGXPAMFPAKH]A
?DecrementValueOriginal@@YGMPAIG]A
?InstallDeviceOld@@YGPAXHPAJJ]A
?RtlSystemA@@YGXI]A
?CancelScreenOld@@YGPAJKPAE]A
?EnumListItemOld@@YGHPAJ]A
?CloseTask@@YGMI]A
?ValidateDateTime@@YGPAXMEPANH]A
?SendDeviceOriginal@@YGDPAMPAF]A
?KillStateExW@@YGPAEPAJPAKEE]A
?DeleteDateTimeOld@@YGMPAGG]A
?RtlProfileOld@@YGPA_NPAEFDK]A
?SetThreadW@@YGXPAFPAEFPAI]A
?OnSizeExW@@YGMPAMPAM]A
?OptionNew@@YGPAIPAMM_NPAH]A
?DeleteModuleExA@@YGPAXPAF]A
?IncrementFolderPathW@@YGFPAIPAFPAEPAD]A
?FindPenExA@@YGKKPAIPAHPAH]A
?KillListEx@@YGPAKPAJPA_NDPAJ]A
?InstallFullNameExA@@YGMPAE]A
?IsValidCommandLineW@@YGPAMPAKF]A
?LoadHeaderW@@YGPAXJKM]A
?ShowTimeA@@YGXKD]A
?IsNotDeviceA@@YGJHPAJ]A
?DecrementProfileExW@@YGPAX_NI_NM]A
?DeleteProcessOld@@YGPAJPAEPAED]A
?CrtTimeExW@@YGPADPAIHI]A
?InvalidateMonitorA@@YGKPAN]A
?CrtFunctionExA@@YGE_N]A
?GenerateWindowNew@@YGMK]A
?RemoveEventOriginal@@YGPAIPAIIPAIPAI]A
?IsValidComponentExW@@YGMK]A
?KillMutexEx@@YGPAFK]A
?ShowDialogW@@YGGIHPAIG]A
?FormatFileEx@@YGFPAGG]A
?KillFunctionA@@YGDG]A
?SetScreenExA@@YGIHPAGEE]A
?OnFolderA@@YGEIEIE]A
?ShowListItemOld@@YGHPAKPAMPAK]A
?DecrementTextOld@@YGXHEDPAK]A
?KillFolderPathExA@@YGPAIH]A
?PutStringNew@@YGDPAJ]A
?FindDialogW@@YGHM]A
?CloseHeightA@@YGPA_NMHI]A
?SendProcessExW@@YGXE]A
?ValidateTextNew@@YGGEEPAHN]A
?InstallString@@YGPAXHN_NE]A
?OnProjectOld@@YGPAHDI]A
?FreeName@@YGDFGEPAG]A
?InstallProfileOld@@YGHPAJPAE]A
?AddChar@@YGIMPAJMK]A
?PutFolderPathExA@@YGHPAEM]A
?GlobalFunctionExA@@YGHPAMPAJ]A
?ValidateThreadExA@@YGPAHFFE]A
?DeleteFullNameOld@@YGPAN_NPAI]A
?HideOption@@YGGFJE]A
?GlobalPointW@@YGGM]A
?IsValidStringA@@YGMPAH]A
?CrtProviderW@@YGHGN]A
?EnumMemoryNew@@YGPAXPAGPAHE]A
?SetKeyName@@YGPAFJKHH]A
?InstallDirectoryEx@@YGEPA_NPAEJ]A
?CopyTimeW@@YGFGPADPAG]A
?IsValidDirectoryExW@@YGJJ]A
?InvalidateFileW@@YGKPAH]A
?ShowExpressionNew@@YGDNJPAGG]A
?IsNotSemaphoreNew@@YGMHPAM]A
?RemoveModule@@YGEPAI]A
?HideCharEx@@YGNGF_NH]A
?SetSectionEx@@YGPAXPAK]A
?EnumDeviceExA@@YGPAIEPAJPAGPAN]A
?FindExpressionExA@@YGIPAM_NJ]A
?InsertDeviceExW@@YGMKM]A
?GenerateFilePath@@YGKPAK]A
?RemoveAnchorA@@YGPAFMPAIPAI]A
?SendComponentOld@@YGPAJPAEPAJI]A
?IsComponentOld@@YGPAGD]A
?IsNameExW@@YGMJEMN]A
?RtlDirectoryOld@@YGHMPAIPA_N]A
?CloseDirectoryW@@YGII]A
?SetClassExW@@YGHPAFPAHK]A
?ShowWindowNew@@YGPAXGNH]A
?FormatAppName@@YGPAXPAG]A
?LoadThreadEx@@YGDJPAHK]A
?ModifyDataExW@@YGPAXGE]A
?HideNameOriginal@@YGJF]A
?LoadProfileExA@@YGFGPADJM]A
?SendFilePathOld@@YGHD]A
?SetModule@@YGDDH]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?GetDialogExA@@YGMJ]A
?CopySectionA@@YGPAIHF]A
?IncrementOptionExA@@YGGEMDK]A
?IsNameExA@@YGG_NE]A
?RemoveMonitorOriginal@@YGXPAEI]A
?CloseDialogExA@@YGPAFF]A
?FormatProfileA@@YGPAMPAF]A
?InvalidateCommandLineExW@@YGXPAGGEK]A
?InstallClassExA@@YGPAMJNMPAI]A
?SendWindowInfo@@YGNPAJGPAFG]A
?IncrementWindowInfoNew@@YGXKMK]A
?ShowScreenExW@@YGPAFPAHDN]A
?HideValueA@@YGPAIPAK_N]A
?OnMutantW@@YGPAXMG_NM]A
?CopyOptionOriginal@@YGX_N]A
?DataExA@@YGEIIID]A
?RemoveTaskExA@@YGPAHFKHG]A
?KillPenNew@@YGPAMPAN]A
?ShowOptionNew@@YGFD]A
?InstallDeviceNew@@YGXDEPAHPAE]A
?GenerateFileOld@@YGFMPAN]A
?InvalidateKeyNameNew@@YGPAXPANPAE]A
?SendTimerNew@@YGPAXJ]A
?RtlWindow@@YGXK]A
?SetFilePathExW@@YGFPAE]A
?GlobalAnchor@@YGPAHKPAF]A
?OnDeviceNew@@YGXPAFPAD]A
?CrtComponentOld@@YGEI_NPAM]A
?CrtFunctionExW@@YGXPAH]A
?SetDeviceNew@@YGPAJFPAMPAIN]A
?PutKeyNameA@@YGPAKDPAMPAI]A
?GlobalMessageExW@@YGIFE]A
?SendEventOriginal@@YGHDPAN]A
?FormatComponentExA@@YGEPAKPAK]A
?CrtProcessA@@YGHJ]A
?ListItemNew@@YGDF]A
?ValidateFunctionOriginal@@YG_NPANPAIPADE]A
?FindAppNameOriginal@@YGPAEEGPANK]A
?FormatMessageEx@@YGKNK]A
?IncrementScreenOriginal@@YGPAXNM]A
?RemoveDateTimeExW@@YGIPAMEIPAJ]A
?IncrementTimeOriginal@@YGPAKPAHIPAF]A
?OnMutexA@@YGPADGPAHGF]A
?AddMemoryExA@@YGPAXPAH]A
?ModifyKeyboardExA@@YGFDKM_N]A
?RemoveValueNew@@YGKKPAI]A
?MutantOld@@YGPANHPAMPA_N]A
?IsNotMutantNew@@YGNJ]A
?ShowProcessOld@@YGXIIK]A
?GetArgumentEx@@YGPA_NPAJ]A
?CopyProviderExA@@YGXPAF]A
?FreeSemaphoreOriginal@@YGME]A
?RtlKeyNameExW@@YGXK]A
?KillStateNew@@YGXK]A
?LoadAnchorNew@@YGKPAHPADEG]A
?InstallStringExA@@YGPAXPAHM]A
?PutFile@@YGGFPAII]A
?EnumListItemEx@@YGPAJJG]A
Sections
.text   Size: 31KB  - Virtual size: 31KB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.idata  Size: 6KB   - Virtual size: 5KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.data   Size: 4KB   - Virtual size: 178KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 170KB - Virtual size: 169KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 1KB   - Virtual size: 1KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
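The "Unsigned PE" signature and the section table above both come straight from a few header fields. As an added example (not code from the sandbox or from this report), the Python below parses those fields with the standard library only: it reads data directory entry 4 (the Certificate Table, which holds the file offset and size of the Authenticode blob) and the IMAGE_SECTION_HEADER array, then flags sections that are both writable and executable and sections whose VirtualSize far exceeds SizeOfRawData. The image it runs on is constructed inline as a header-only PE32 whose sections mirror the names, flags and KB sizes listed above; the byte sizes, the bloat threshold and the helper names are assumptions, not values taken from the real file.

```python
"""Header-only PE triage: Authenticode Certificate Table and section flags (added example)."""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4           # Certificate Table (Authenticode)
IMAGE_SCN_CNT_CODE             = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_DISCARDABLE      = 0x02000000
IMAGE_SCN_MEM_EXECUTE          = 0x20000000
IMAGE_SCN_MEM_READ             = 0x40000000
IMAGE_SCN_MEM_WRITE            = 0x80000000
SECTION_HDR = struct.Struct("<8sIIIIIIHHI")  # IMAGE_SECTION_HEADER, 40 bytes


def parse_pe(data: bytes) -> dict:
    """Read the Certificate Table directory entry and the section headers
    of a PE32 or PE32+ image; everything else in the header is skipped."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                       # PE32: data directories start at +96
        dir_off = opt + 96
    elif magic == 0x20B:                     # PE32+: data directories start at +112
        dir_off = opt + 112
    else:
        raise ValueError("unexpected optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", data, dir_off - 4)[0]  # NumberOfRvaAndSizes
    cert = (0, 0)
    if num_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories, this entry is a raw file offset, not an RVA.
        cert = struct.unpack_from("<II", data, dir_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(num_sections):
        name, vsize, _va, rsize, _rp, _, _, _, _, chars = SECTION_HDR.unpack_from(
            data, opt + size_opt + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize,
                         "characteristics": chars})
    return {"cert_table": cert, "sections": sections}


def is_unsigned(pe: dict) -> bool:
    """'Unsigned PE' in the report means exactly this: no Certificate Table.
    A non-empty entry only proves a PKCS#7 blob is attached, not that it verifies."""
    return pe["cert_table"] == (0, 0)


def section_findings(pe: dict, bloat_ratio: int = 8) -> list:
    """Flag W+X sections and sections whose VirtualSize dwarfs SizeOfRawData
    (memory reserved for content the file does not carry on disk)."""
    out = []
    for s in pe["sections"]:
        c = s["characteristics"]
        if c & IMAGE_SCN_MEM_EXECUTE and c & IMAGE_SCN_MEM_WRITE:
            out.append((s["name"], "writable+executable"))
        if s["raw_size"] and s["virtual_size"] > bloat_ratio * s["raw_size"]:
            out.append((s["name"], "virtual size %dx raw size"
                        % (s["virtual_size"] // s["raw_size"])))
    return out


def build_pe32(sections, cert_table=(0, 0)) -> bytes:
    """Construct a header-only PE32 image (no section bodies) for testing.
    sections: list of (name, VirtualSize, SizeOfRawData, Characteristics)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)              # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x102)
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)  # 16 directories
    dirs = [(0, 0)] * 16
    dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = cert_table
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    hdrs = b"".join(
        SECTION_HDR.pack(name.ljust(8, b"\0"), vsize, 0x1000 * (i + 1), rsize, 0, 0, 0, 0, 0, chars)
        for i, (name, vsize, rsize, chars) in enumerate(sections))
    return dos + b"PE\0\0" + coff + opt + hdrs


# Constructed sample mirroring the report's section layout (KB figures
# rounded to whole kilobytes; these are not bytes from the real file).
KB = 1024
SAMPLE_SECTIONS = [
    (b".text",   31 * KB,  31 * KB, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (b".idata",   5 * KB,   6 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (b".data",  178 * KB,   4 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (b".rsrc",  169 * KB, 170 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (b".reloc",   1 * KB,   1 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ),
]
SAMPLE_PE = build_pe32(SAMPLE_SECTIONS)


def triage(data: bytes) -> dict:
    pe = parse_pe(data)
    return {"unsigned": is_unsigned(pe), "findings": section_findings(pe)}


if __name__ == "__main__":
    print(triage(SAMPLE_PE))
```

An empty Certificate Table is exactly what the sandbox reports as "Unsigned PE"; a populated one only shows that a PKCS#7 blob is attached, so a real verdict still needs the signature and its chain verified (for example `signtool verify /pa` or `Get-AuthenticodeSignature` on Windows). On the layout above the check surfaces two findings: `.text` carries IMAGE_SCN_MEM_WRITE alongside IMAGE_SCN_MEM_EXECUTE, and `.data` reserves 178KB in memory for 4KB on disk.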