ae47f61bb877dce9c2cfe1fa4d7856c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae47f61bb877dce9c2cfe1fa4d7856c0_JaffaCakes118
Size

295KB
MD5

ae47f61bb877dce9c2cfe1fa4d7856c0
SHA1

a5fd1b5cd57067cef388dd0bcb968fd41a7e7acb
SHA256

1faa5fa7b3a9b85f52d805dd5671af821a3c83734df1804249684fff1d9cbdf7
SHA512

18630a3ad80aec8efd76378d199e61b79e7006324f602fc0610d98c3154c7a8d1a613e0427b9bf0f48e3ec4311d846b7d4aa574b30048855fda074fbb032f1a9
SSDEEP

6144:g2D22AI5T+5kdxiuXZIN/Cmi47yMjNiM2cEnZY7zbek:xDEIQkauXZw/LW9M6Yz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae47f61bb877dce9c2cfe1fa4d7856c0_JaffaCakes118

Files

ae47f61bb877dce9c2cfe1fa4d7856c0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

23ffb18fe5349fddee79c3bde05f64fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\BzpxZjn\BrvpyRaPNhxir\mZlpukgpcua\xiczpyywnmUtzj\bwdHqrapyfFC.pdb

Imports

user32

IsRectEmpty
IsWindowUnicode
CreateIconIndirect
EnableMenuItem
SetParent
CreateWindowExW
GetClassInfoExW
GetClientRect
ReleaseDC
CreateWindowExA
AppendMenuA
CreateDialogParamA
SendMessageTimeoutA
RegisterClassW
DragObject
SetScrollInfo
SetTimer
ShowOwnedPopups
GetNextDlgTabItem
PostMessageA
EnableWindow
OffsetRect
SwapMouseButton
IsCharLowerA
CharToOemW
AttachThreadInput
CopyRect
GetSubMenu
GetClassLongA
wvsprintfW
CheckMenuItem
GetWindowTextW
GetUpdateRect
HideCaret
GetMenuStringW
SetPropW
GetDlgItemTextW
InvalidateRect
GetWindowLongW
SendNotifyMessageW
HiliteMenuItem
CharLowerW
GetKeyboardLayout
CharUpperA
GetSysColor
ClipCursor
SetScrollPos
GetClassInfoExA
CharNextExA
IsWindowVisible
DestroyIcon
OpenIcon
DestroyCaret
GetDlgItemInt
GetMessagePos
CreateDialogIndirectParamW
IsDialogMessageA
CreateIconFromResource
SetWindowTextW
GetScrollPos
UpdateWindow
wsprintfW
GetClassLongW
ChildWindowFromPoint
LoadMenuW
CharToOemA
GetDlgItemTextA
SetCursorPos
LoadIconW
PostThreadMessageA
ScrollWindow
MapDialogRect
GetMenu
DefFrameProcA
EndTask
TranslateAcceleratorA
CharUpperBuffW
CheckRadioButton
AppendMenuW
MonitorFromPoint
DeferWindowPos
AllowSetForegroundWindow
InsertMenuA
LoadStringW
ShowCursor
GetKeyboardLayoutList
IsChild
SetCaretPos
SwitchToThisWindow
DestroyMenu
MessageBoxExW
CharNextW
LoadAcceleratorsA
DrawFocusRect
TranslateMessage
GetClipCursor
ChildWindowFromPointEx
MessageBoxW
CharNextA
IsCharUpperA
MapWindowPoints
WaitMessage
DefWindowProcW
PostThreadMessageW
GetMessageExtraInfo
CallWindowProcW
IsCharAlphaNumericW
SetRect
GetUserObjectInformationW
VkKeyScanW
RedrawWindow

msvcrt

strchr
_controlfp
wcscpy
__set_app_type
__p__fmode
__p__commode
toupper
clearerr
_amsg_exit
_initterm
qsort
wcstombs
isalpha
swscanf
realloc
_acmdln
atoi
mktime
ftell
exit
iswspace
strncmp
wcsncpy
clock
_ismbblead
wcsrchr
time
calloc
_XcptFilter
fprintf
isdigit
strcspn
fread
strtok
_exit
_cexit
rand
putchar
wcslen
__setusermatherr
__getmainargs
isalnum
printf
wcscspn
wcschr

kernel32

HeapLock
lstrcmpiW
SearchPathA
UnlockFile
GetBinaryTypeA
GetModuleFileNameA
SetSystemTime
CancelIo
GlobalFlags
GetDateFormatW
GetDateFormatA
GlobalAddAtomA
lstrcmpW
FlushViewOfFile
GetSystemDirectoryA
DuplicateHandle
DeleteCriticalSection
FindNextFileA
SetTimerQueueTimer
SearchPathW
IsValidLanguageGroup
UnhandledExceptionFilter
LockFile
HeapUnlock
GetFileAttributesA
GetSystemWindowsDirectoryA
SetSystemTimeAdjustment
SetLastError
GetLocaleInfoA
SetCommMask
lstrlenW
EnumResourceNamesA
LoadLibraryExA
VirtualQuery
TerminateThread
VirtualProtect
SuspendThread
GetCommTimeouts
lstrcmpA
GetLastError
FindCloseChangeNotification
GetThreadContext
GlobalSize
CreatePipe
EnterCriticalSection
SleepEx
GetUserDefaultUILanguage
OpenSemaphoreW
CopyFileW
GetComputerNameExW

gdi32

OffsetViewportOrgEx
ScaleViewportExtEx
SelectClipRgn
DPtoLP
RealizePalette
CreateCompatibleDC
GetStockObject
RestoreDC
GetLayout
AddFontResourceW
PtInRegion
SetBkMode
SetBitmapDimensionEx
SetViewportExtEx
SetAbortProc
CreateFontIndirectW
GetDIBColorTable
GetTextExtentPoint32W
SetTextAlign
GetROP2
GetTextExtentPointW
GetClipBox
GetSystemPaletteEntries
UnrealizeObject
DeleteObject
GetTextAlign
RectVisible
SaveDC
GetPaletteEntries
CreateBrushIndirect
CreateCompatibleBitmap
ExcludeClipRect
CreateRectRgnIndirect
GetNearestPaletteIndex
PatBlt
CreateBitmap
GetDIBits
IntersectClipRect
ExtTextOutW
GetCurrentObject
GetSystemPaletteUse
SetRectRgn
SetWindowExtEx
CreateFontW
SetLayout
GetTextExtentPoint32A
Escape

Exports

Exports

?ShowMutexExW@@YGXEKDE@Z
?KillProviderExA@@YGFKGG@Z
?DeleteNameEx@@YGHH@Z
?GetStringOld@@YGPAKPAEF_NK@Z
?InstallFolderPathOriginal@@YGJIPANPAD@Z
?DeleteTimeNew@@YGPAEFPAEH@Z
?ValidateWidthW@@YGPAF_N@Z
?RemoveMutexOld@@YGPAFMFH@Z
?IsFolderOriginal@@YGXMPAFPAJPAJ@Z
?ShowSize@@YGPAGPAIN@Z
?LoadWindowInfoA@@YG_NPAIPAFPA_N@Z
?InvalidateMutex@@YGPAJPAMKPAI@Z
?AddAnchorOriginal@@YGPADDJ@Z
?ValidateMutex@@YGINPAG@Z
?ShowCommandLineOld@@YGIJ@Z
?WidthOriginal@@YGPAXDPAH@Z
?RemoveSectionNew@@YGJIFM@Z
?InvalidateArgumentNew@@YGPAXPAE@Z
?ModifyFullNameOld@@YGXE@Z
?InstallComponentA@@YGPAHJE@Z
?ModifyProjectExW@@YGHPAFMPAHN@Z
?IsProviderOld@@YG_N_NHND@Z
?SendMutexA@@YGPAKN@Z
?KillProjectExA@@YGEGH@Z
?ModifyKeyNameExA@@YGKPAMDJ@Z
?ModifyHeaderExA@@YGPAKHPAHPA_N@Z
?ShowFunctionNew@@YGGD_NPAM@Z
?InstallListOld@@YGPAEK@Z
?CallFullNameEx@@YGPAKHNIN@Z
?LoadArgumentNew@@YGPAIDPAG@Z
?EnumStateOriginal@@YGPAJGJPAH@Z
?DecrementObjectEx@@YGXI@Z
?CloseKeyNameOld@@YGMI@Z
?GlobalTaskExA@@YGMHPAMEJ@Z
?OnTimerEx@@YGDPAIE@Z
?PutProfile@@YGXPAM@Z
?ValidatePathEx@@YGGH@Z
?EnumComponent@@YGKM@Z

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dt_i
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dt_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23ffb18fe5349fddee79c3bde05f64fe

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

kernel32

gdi32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 57KB

.dt_i Size: 6KB - Virtual size: 6KB

.dt_e Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 80KB - Virtual size: 80KB

.rsrc Size: 132KB - Virtual size: 132KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 57KB - Virtual size: 57KB

.dt_i
Size: 6KB - Virtual size: 6KB

.dt_e
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 132KB - Virtual size: 132KB

.reloc
Size: 2KB - Virtual size: 1KB