b1098565d1518f78762216c4f2a6e0f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b1098565d1518f78762216c4f2a6e0f2_JaffaCakes118
Size

143KB
MD5

b1098565d1518f78762216c4f2a6e0f2
SHA1

8229d388308e3577d36698bc1c21fc2838686913
SHA256

2e2813cb11791eb56603032bb00370b5a6f91a6590f5656f6f3831d7275a7196
SHA512

9a37030e63b6a1b4faa5988b06b57feb08a96c2d85cf3e711f733ee14f2b1b54a73273ebe9a138b758d7c9ae747e6bd86ddca04fec57a2cc74888af54e88b00e
SSDEEP

3072:/XpfsC18qTt5bsrcntQki1k7Wp1KJl1oLItgDFu5uZ:eCimXxT8S31Oagv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1098565d1518f78762216c4f2a6e0f2_JaffaCakes118

Files

b1098565d1518f78762216c4f2a6e0f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f820f7add09b235092aee9b2263eb33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\zxqxYnyib\mMVluMYQgefiVs\anfnbExV.pdb

Imports

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_Destroy
ImageList_LoadImageW
ImageList_Create

kernel32

SearchPathW
HeapAlloc
TransactNamedPipe
IsDBCSLeadByte
IsValidLanguageGroup
GetModuleHandleW
lstrcatA
SetLocalTime
GetExitCodeThread
IsBadReadPtr
GetFullPathNameW
CompareFileTime
SystemTimeToFileTime
SetCommMask
ConnectNamedPipe
UnhandledExceptionFilter
CancelIo
CreateSemaphoreA
GetOEMCP

user32

GetWindowPlacement
TranslateAcceleratorW
IsChild
ChangeMenuW
OemToCharA
EnumChildWindows
GetClientRect
DragObject
UnionRect
DefWindowProcA
GetUserObjectInformationW
GetKeyState
GetMenuItemCount
GetNextDlgGroupItem
DrawFrameControl
ShowScrollBar
SetWindowTextA
SetClassLongW
SetRect
FillRect
ClipCursor
FindWindowW
GetClassInfoW
ScrollWindowEx
GrayStringW
LoadAcceleratorsW
GetMenuItemRect
DialogBoxIndirectParamA
SystemParametersInfoW
MessageBoxExA
ShowWindowAsync
CopyRect
SetRectEmpty
CallWindowProcA
CheckDlgButton
AdjustWindowRectEx
DefDlgProcA
IsWindow
SendMessageTimeoutW
CheckMenuRadioItem
MapDialogRect
wvsprintfA
GetShellWindow
CharPrevA
ChildWindowFromPointEx
SetActiveWindow

msvcrt

_controlfp
tolower
__set_app_type
rand
strncmp
wcstombs
__p__fmode
mbstowcs
__p__commode
strtol
time
fgets
_amsg_exit
memset
system
ftell
ungetc
_initterm
_acmdln
exit
_ismbblead
swprintf
_XcptFilter
_exit
_cexit
iswctype
__setusermatherr
__getmainargs

shlwapi

PathRemoveExtensionA
PathRelativePathToA

comdlg32

GetFileTitleW
ReplaceTextW
PageSetupDlgW

gdi32

LineTo
TextOutW
SetWindowExtEx
CreateHatchBrush
CreateHalftonePalette
PtVisible
SetStretchBltMode
CreateSolidBrush
SetBitmapBits
TranslateCharsetInfo
OffsetViewportOrgEx
SetAbortProc
PathToRegion
IntersectClipRect
CreatePenIndirect
GetDeviceCaps
SetTextColor

Exports

Exports

?CrtTaskOriginal@@YGPAXM*Z
?IncrementClassA@@YGDJPAMPAKPAE*Z
?PutClass@@YGFPAIIPAF*Z
?CallObjectA@@YGXPAKPAJPAJ*Z
?FolderPathEx@@YGJJPAMF*Z
?InstallAnchorOld@@YGPAHDK*Z
?FindCharA@@YGEF*Z
?ModifyDialogOriginal@@YGPA_NPAF*Z
?CrtObjectOriginal@@YGPAMIEPAG*Z

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dir_e
Size: 512B - Virtual size: 429B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.port_i
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dir_i
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dir_v
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dir_pt
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dir_st
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f820f7add09b235092aee9b2263eb33

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

msvcrt

shlwapi

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 112KB

.dir_e Size: 512B - Virtual size: 429B

.data Size: 2KB - Virtual size: 92KB

.port_i Size: 512B - Virtual size: 508B

.dbug Size: 512B - Virtual size: 28B

.dir_i Size: 3KB - Virtual size: 2KB

.dir_v Size: 512B - Virtual size: 140B

.dir_pt Size: 512B - Virtual size: 140B

.dir_st Size: 13KB - Virtual size: 13KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 112KB - Virtual size: 112KB

.dir_e
Size: 512B - Virtual size: 429B

.data
Size: 2KB - Virtual size: 92KB

.port_i
Size: 512B - Virtual size: 508B

.dbug
Size: 512B - Virtual size: 28B

.dir_i
Size: 3KB - Virtual size: 2KB

.dir_v
Size: 512B - Virtual size: 140B

.dir_pt
Size: 512B - Virtual size: 140B

.dir_st
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 1KB