ad87deb469c096a109ebfbb180a90dfe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad87deb469c096a109ebfbb180a90dfe_JaffaCakes118
Size

158KB
MD5

ad87deb469c096a109ebfbb180a90dfe
SHA1

e48f8f95131d0fdc55da4bf218139a769f7e8bf7
SHA256

a8525066f7f554eb544b92f1f1a580ed3b81ea211d499276d4eeca51a4338705
SHA512

047c2d06fcc8cc2968a3036c2b7c723c068bfc605f89508b3173060e6ffa115db8e12a295677820289dc258dddc1e1413b8768d62131913202dbf63fc101c94d
SSDEEP

3072:dCxRUckhaFmwPhyJ3z0jGsRzSRz3xpFMYKxLcxalRDq9a3wMU30KBh2yB:dBvasJ3gys23DicwvDq03Y30+h2yB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad87deb469c096a109ebfbb180a90dfe_JaffaCakes118

Files

ad87deb469c096a109ebfbb180a90dfe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

19b2822aeeebc75a137782e5febc4d02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\nTecEnMP\dposxebrCirA\sZxtznrvjhxs\tyoyuDcqwbmeZl.pdb

Imports

user32

OpenDesktopW
CreateCaret
GetClassLongW
SwitchToThisWindow
IsCharAlphaW
CheckMenuItem
DrawFocusRect
EnumChildWindows
EnableScrollBar
AppendMenuA
wsprintfW
WaitForInputIdle
GetScrollRange
CharNextA
DragObject
RegisterWindowMessageW
SystemParametersInfoA
GetSystemMetrics
GetShellWindow
DeferWindowPos
AttachThreadInput
IsRectEmpty
GetWindowRect
CharLowerBuffW
GetFocus
CallWindowProcA
GetDialogBaseUnits
CharLowerW
SetCursorPos
IsZoomed
GetDC
MapWindowPoints
RegisterClassExW
ShowWindow
DispatchMessageA
GetSystemMenu
SetWindowTextW
DestroyWindow
SetPropW
LoadIconW
PeekMessageA
wvsprintfW
CreateIconIndirect
GetMenuItemID
LoadCursorW
UnionRect
MoveWindow
AdjustWindowRectEx
CallWindowProcW
IsChild
RegisterClassExA
SetDlgItemInt
GetWindowTextA
LoadStringW
FindWindowA
SetDlgItemTextW
GetWindowLongW
HiliteMenuItem
ActivateKeyboardLayout
RemovePropW
ChangeMenuW
EnableWindow
wsprintfA
ScreenToClient
GetPropW
GetMenuItemInfoW
OemToCharA
RegisterHotKey
InsertMenuItemW
GetIconInfo
CreateDialogIndirectParamW
LoadMenuW
GetMessageTime
GetClassNameW
GetDlgItemInt
CheckRadioButton
LookupIconIdFromDirectory
DefFrameProcW
ScrollWindow
GetMenuStringW
RegisterWindowMessageA
PostMessageA
GetScrollInfo
IsDlgButtonChecked
GetNextDlgGroupItem
CharNextExA
CharUpperA
GetDlgItemTextA
HideCaret
GetMenuStringA
GetKeyboardLayoutList
InsertMenuA
SetMenuItemBitmaps
DeleteMenu
LoadAcceleratorsW
InvalidateRect
MessageBoxExW
GetMenu
LoadAcceleratorsA
TrackPopupMenuEx
CharLowerA
IsDialogMessageA
GetDlgCtrlID
GrayStringW
FindWindowExW
CopyAcceleratorTableW
ChildWindowFromPointEx
DrawEdge
SetWindowPos
IsCharLowerA
SetScrollRange
LockWindowUpdate
GetParent
SetWindowLongW
CharToOemBuffA
DispatchMessageW
InsertMenuW

kernel32

LoadLibraryA
GetSystemWindowsDirectoryA
GetFullPathNameW
DeviceIoControl
MoveFileA
AddAtomA
DeleteFileW
EnumResourceTypesA
SetNamedPipeHandleState
LocalSize
GetNumberFormatA
GetVersion
EnumResourceLanguagesA
PulseEvent
IsDBCSLeadByteEx
GetPriorityClass
DuplicateHandle
GetSystemTimeAsFileTime
EnumSystemLocalesA
GetLastError
CreateDirectoryW
GetTempPathW
VirtualFree
CreateMailslotW
WaitCommEvent
OpenFileMappingW
GlobalMemoryStatusEx
GetSystemDirectoryA
SetErrorMode
QueryPerformanceCounter
GetFileAttributesW
lstrcmpW
ReleaseSemaphore
SetCommBreak
GetACP
lstrcmpiA
OpenEventA
GetModuleFileNameA
CreateDirectoryA
SetThreadLocale
CancelIo
GlobalFlags
CreateFileW
GetDateFormatA
HeapFree
CreateNamedPipeA
OpenEventW
FindFirstChangeNotificationW
CreateEventA
LCMapStringW
GetBinaryTypeW
SetCommTimeouts
GetTimeZoneInformation
GetThreadContext
DeleteCriticalSection
GetModuleHandleA
TryEnterCriticalSection

msvcrt

_controlfp
__set_app_type
isalnum
wcstok
fputc
wcscmp
iswalpha
clock
wcscoll
wcscspn
getc
free
__p__fmode
__p__commode
isprint
ungetc
fgets
setlocale
perror
iswctype
wcsrchr
clearerr
_amsg_exit
remove
wcstombs
_initterm
wcsncmp
wcstod
malloc
bsearch
towupper
gets
realloc
strncmp
gmtime
time
strtol
_acmdln
mbtowc
exit
_ismbblead
_XcptFilter
fread
_exit
isdigit
system
_cexit
__setusermatherr
__getmainargs

gdi32

SelectClipRgn
GetDIBColorTable
GetTextExtentExPointW
UnrealizeObject
GetSystemPaletteUse
CreateRectRgn
Ellipse
ResizePalette
SetDIBitsToDevice
CreateRoundRectRgn
ScaleWindowExtEx
ExcludeClipRect
PatBlt
GetMapMode
GetFontData
GetTextExtentPointW
Escape
Polyline
SetStretchBltMode
SetWindowExtEx
SetTextAlign
CreateFontW
CreateBitmap
SetROP2
CreateEllipticRgnIndirect
GetTextMetricsA
CreateICW
CreateHalftonePalette
DeleteObject
CreatePenIndirect
GetTextExtentPointA
PtVisible
RectInRegion
LineTo
GetTextAlign
Rectangle
CreateCompatibleDC
SetDIBColorTable
RemoveFontResourceW
GetStockObject
EndDoc
MoveToEx
GetNearestPaletteIndex
CreatePatternBrush
RealizePalette
CreateDIBSection
TextOutA
LineDDA
EnumFontFamiliesW
DeleteDC

shlwapi

StrChrIA

comctl32

PropertySheetA
ImageList_Read
CreateStatusWindowW
DestroyPropertySheetPage
PropertySheetW
ImageList_Draw

Exports

Exports

?IncrementDirectoryNew@@YGHPAI]A
?RemovePathExW@@YGJHKGPAK]A
?RemoveFilePath@@YGEM]A
?SendPointEx@@YGNFGE]A
?CrtMutantW@@YG_NPA_N]A
?SendMutexOriginal@@YGJPAHH]A
?RemoveConfigA@@YGPANJI]A
?OnTimerExA@@YGPA_NPAE]A
?GetStringNew@@YGKK]A
?IsTaskNew@@YGPAF_NPAEJ]A
?GlobalData@@YGEKGPAMF]A
?IsValidPathExW@@YGJPAGPAEKPAK]A
?KillListEx@@YG_NJPAJ]A
?CloseTimerEx@@YGEM]A
?GlobalState@@YGPAXPAFPAKPAH]A
?CopyValueExW@@YGMNPAM]A
?GenerateMediaTypeW@@YGEJG]A
?RtlMutantOld@@YGPAFFPADPADE]A
?IsMonitorOld@@YGDPA_N]A
?CallProject@@YGXPAMPAK]A
?InsertObjectNew@@YGJPAH]A
?GlobalSizeOld@@YGPAKIIPA_NPAN]A
?IsNotTextA@@YGGIHK]A
?DecrementStringOld@@YGPANPAFM]A
?LoadOption@@YGHJ]A
?GlobalAppNameNew@@YGPANPAF]A
?IsScreenEx@@YGEDPAKPAMM]A
?CopyCharEx@@YGIJPADPA_N]A
?CallDeviceOld@@YGPAXM]A
?ValidateVersionOld@@YGKGFPAKPAG]A
?FindFilePathNew@@YGM_NMDPAK]A
?InstallClassNew@@YGPAJIG]A
?OnListOld@@YGJH]A
?InsertClassOld@@YGPAKPAFPAKK_N]A
?InvalidateThreadW@@YGXPAMPAE]A
?ShowDateTime@@YGJGDPAEPAN]A
?CrtEventExA@@YGXF]A
?DeleteTimerA@@YGMJPAJ]A
?FindSystemOld@@YGPAXPAK]A
?ValidateTaskOld@@YGDGPAMJPAH]A
?InstallTextExW@@YGHPAI]A
?EnumDateW@@YGFI]A
?CopyKeyNameExW@@YGKG]A
?CloseSystemExA@@YGHEPA_NN]A
?ModifySectionNew@@YGDF]A
?AddMediaTypeExA@@YGHM]A
?GetMutexEx@@YGDIPAM]A
?CallModuleExW@@YGNPAMPAG]A
?GetFolderOld@@YGXKNN]A
?IsNotSystemOld@@YGXIK]A
?CallStringNew@@YGPAIPANPAFK]A
?IsList@@YGXE]A
?InvalidateKeyboardOld@@YGKPAFGMK]A
?CopyModuleNew@@YGEPAM]A
?RtlScreenW@@YG_NPAMDPA_NG]A
?KillListOriginal@@YGEMPAMPADN]A
?LoadVersionExW@@YGJG]A
?CrtFunctionNew@@YGEPAIDPAF]A
?GlobalTimerExA@@YGPAGNJKG]A
?FreeRectOriginal@@YGPAFPAMMJPAF]A
?IsMessageEx@@YGPAHENJ]A
?RemoveComponentExW@@YGHPAHPAEPA_N]A
?CrtValueExA@@YGFMKG]A
?FormatWindowInfoOriginal@@YGKPAMGPADPAM]A
?SendWidthExA@@YGPAFEHPAE]A
?ModifyAppNameOld@@YGKPAHPAHFG]A
?ModifyEventA@@YGPAIIMK]A
?SetAppNameA@@YGNE]A
?PutTimerOld@@YGDPAH_NPA_NG]A
?KillSizeExA@@YGPAHE]A
?FindObjectOld@@YGEPAI]A
?ModifyKeyNameW@@YGJ_NPAK]A
?CopyScreenNew@@YGFJPAEFE]A
?RemoveFileExW@@YGPAIHEF]A
?EnumMonitorEx@@YGPA_NDJ]A
?ValidateConfigExA@@YGXH]A
?SetDirectoryW@@YGPAFMPAF]A
?FormatAnchorNew@@YGMM]A
?IsNotSystemNew@@YGPAGPAH]A
?OnFolderExW@@YGPAEPAGNE]A
?InsertSemaphoreNew@@YGPAGF]A
?GetListItemA@@YGGFH_NPAI]A
?FormatListOld@@YGPAMMFGE]A
?CallTimeExA@@YGPADFDFI]A
?DecrementFilePath@@YGFPANHMJ]A
?CloseCommandLineExA@@YGXDPANJD]A
?RtlPointExW@@YGXHPADI]A
?SizeExW@@YGN_NHF]A
?CopyArgumentW@@YGPAKMEI]A
?ShowCharOld@@YGDGKE]A
?FormatFolderNew@@YGHPAJEDG]A
?RemoveSectionOld@@YGGFG]A
?CommandLineExW@@YGHPAGH]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?ShowMemoryOld@@YGXPADK]A
?InstallDeviceEx@@YGPAEJI]A
?EnumPointerA@@YGPANM]A
?ValidateFolderPathExA@@YGMFPANK]A
?HideMessageEx@@YG_NIPAJHPAJ]A
?KillDateEx@@YGIM_NPAD]A
?GlobalSectionOriginal@@YGPANJPAKIE]A
?CloseProviderOld@@YGXPAEFE]A
?ModifyEventOriginal@@YGPAFPAKD]A
?FindMonitorA@@YGXGE]A
?ValidateAnchor@@YGPAMKPAJPAG]A
?FormatKeyboardExA@@YGMPAGPAFMK]A
?IsValidMemory@@YGPANHD]A
?SetConfigEx@@YGHIPAGPAJ]A
?InvalidateFileExA@@YGPAGPAM]A
?RemovePathExA@@YGXPAEM]A
?AddAppNameExA@@YGGEKHPAD]A
?IsWindowInfoA@@YGKF]A
?InstallDirectory@@YGXFNPAKH]A
?CrtData@@YGXNI]A
?InvalidateDateExW@@YGPAXDPAMM]A
?InstallListItemOriginal@@YG_NPAIPADDH]A
?RtlTaskExW@@YGPAXD]A
?GlobalArgumentEx@@YGHPAEPAM]A
?PointExW@@YGXPAFEG]A
?FreeConfig@@YGPADPAGIFPAF]A
?ShowDeviceNew@@YGJPAJI]A
?RemoveStateExA@@YGIPAGFKG]A
?IsTimerEx@@YGIEDEPAH]A
?RtlHeightA@@YGPAKPAJ]A
?LoadFolderNew@@YGDK]A
?CrtFolderOld@@YGIHDFE]A
?IsValidProfileExW@@YGPAIIJG]A
?GlobalHeightEx@@YGIPAE_NH]A
?ValidateWidthOriginal@@YGPAXHIPAM]A
?ShowCharEx@@YGIJPAFKPAN]A
?CloseDeviceOld@@YGIG]A
?CopyArgument@@YGPAIFJDPAF]A
?PutMessageExW@@YGPAEPAGHK]A
?DeleteMutexNew@@YGHHPAM]A
?AddDataW@@YGPAXGK]A
?RemoveFile@@YG_N_NPA_N]A
?ModifySystemEx@@YGDPAGD]A
?FindScreenExA@@YGHPAIH]A
?InstallDateTimeNew@@YGFF_N]A
?RtlModuleEx@@YGPADE]A
?CopyThreadExW@@YGPAMEPAK]A
?KillNameW@@YGPAHPAJJPAFF]A
?FormatMutexEx@@YGJFPAMGJ]A
?ModifyProjectW@@YGPAKHD]A
?RemoveMediaTypeEx@@YGPAHF]A
?InsertFolderPathExW@@YGNJPAKHM]A
?IsSectionExA@@YGHPAEHPA_N]A
?AddRectEx@@YGPAMKH]A
?InstallExpressionNew@@YGPAXPADPA_NM]A
?InvalidateEventOld@@YGPAD_NE]A
?CancelProfileExA@@YGPAJEPAMPAEF]A
?FreeProjectW@@YGDPA_N]A
?AddCommandLineOriginal@@YGXPAFPAJ]A
?DeleteDialogA@@YGKFPAIPAF]A
?CloseCharW@@YGHPANGJG]A
?ValidatePointerOld@@YGDGPAKG]A
?CancelPathEx@@YGX_NPAHJE]A
?RtlProviderExA@@YGPAFPAGEG]A
?FormatTimeA@@YGPAXPAKFJH]A
?CopySystem@@YGPADPAH]A
?IsValidTaskA@@YGPAFIPA_NPAKPAJ]A
?OnMediaTypeExA@@YGGPAFE]A
?ShowDeviceOld@@YG_NGPA_NPAED]A
?LoadSemaphore@@YGPAXD]A
?IsNotMutantNew@@YGXNNGI]A
?AddRect@@YGPAEGI]A
?SetFileOld@@YGXNPAMPAE]A
?LoadSizeOriginal@@YGXPAIJPAMN]A
?GeneratePointer@@YGPAIKPAG]A
?EnumDataW@@YGEPAFPAIPAH]A
?FormatKeyName@@YGMN]A
?GetClass@@YGFFDPA_N]A
?CrtExpressionExW@@YGPAX_N]A
?DecrementStringExA@@YGDPAE]A
?RtlFolderPathOld@@YGIMDHF]A
?IsWindowInfoEx@@YGEJ]A
?IncrementThreadEx@@YGXJPAGM]A
?GetKeyNameExA@@YGGPAJN]A
?RemoveAppNameW@@YGJJ]A
?ShowKeyNameNew@@YGPAGPANPAFI_N]A
?ModifyMediaType@@YGHNE]A
?OnExpressionNew@@YGGPAHHPA_N]A
?KillScreenA@@YGJPAJJMH]A
?LoadModuleW@@YGMN]A
?IsTaskOld@@YGXFPAEJPAF]A
?CallCharExW@@YGPAN_NPAJE]A
?HideTextA@@YGGPAMN]A
?FreeRectExW@@YGXKPAIFF]A
?IsDateW@@YGH_NPADG]A
?ModifyComponent@@YGXPAH]A
?IsValidConfigW@@YGGF]A
?InstallSemaphoreExW@@YGGGDJN]A
?EnumStateExW@@YGFPAEMI]A
?GetThreadA@@YGNDPAGPAE]A
?AddStringExW@@YGKDMPAH]A
?SendPath@@YGPAGPA_NPAEM]A
?DecrementNameW@@YGPAEMF]A
?IsFunctionA@@YGHJJI]A
?IsNotOption@@YGIPAMEM]A
?GlobalKeyboardExW@@YGPA_NGG]A
?EnumScreenExA@@YGGGKPA_NG]A
?LoadScreenOld@@YGDGPAFPAN]A
?DecrementPointExA@@YGHH]A
?SetSystemW@@YGI_NME]A
?DeleteHeightW@@YGIKPAGEPAE]A
?GlobalProcess@@YGJJEI]A
?IncrementModuleOld@@YGDKGF]A
?AddSystemExW@@YGMPAEKNPAG]A

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zimp
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19b2822aeeebc75a137782e5febc4d02

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

gdi32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.zimp Size: 6KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 66KB

.rsrc Size: 130KB - Virtual size: 129KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 30KB

.zimp
Size: 6KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 66KB

.rsrc
Size: 130KB - Virtual size: 129KB

.reloc
Size: 1KB - Virtual size: 1KB