b0c090c104bedf8d408d30a5716236e8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b0c090c104bedf8d408d30a5716236e8_JaffaCakes118
Size

213KB
MD5

b0c090c104bedf8d408d30a5716236e8
SHA1

2a6a284179531de66f25b21b45aad874831732c8
SHA256

20aa686f120d1f50d2446d440679f98eed966a9e4790ebd1e2e9963115b22a81
SHA512

c255b8700a56ab797a2fe352efde804051dd6c19838c98c18021c8f9f547a3204c9780d94c07c7630778045e6cd7968bd89a89a20902cbcc4fa0426f48d7074d
SSDEEP

6144:0o2WaQkomzlE5DhFvFTxt1tEa+lCNFrIx:2Y5VtF9OV0g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0c090c104bedf8d408d30a5716236e8_JaffaCakes118

Files

b0c090c104bedf8d408d30a5716236e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

24467bceaba8eda86901ff4e6a6c6f58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\jgwqtlyPlKy\pejseufBj\vLqcBtbDjwiasC.pdb

Imports

comctl32

ImageList_GetImageCount
CreatePropertySheetPageA
CreatePropertySheetPageW
ImageList_Remove
CreateToolbarEx
DestroyPropertySheetPage

msvcrt

mktime
_controlfp
clock
fclose
fgets
wcsstr
swscanf
wcscpy
__set_app_type
strcpy
strncmp
__p__fmode
fgetc
__p__commode
atol
_amsg_exit
_initterm
swprintf
iswalpha
bsearch
remove
wcscoll
atoi
_ismbblead
vswprintf
isspace
fprintf
strncpy
iswxdigit
_XcptFilter
wcstombs
strtoul
strstr
fseek
iswdigit
strerror
realloc
time
_exit
_cexit
__setusermatherr
__getmainargs
wcstol
getc
exit
fflush
qsort

user32

CloseDesktop
InsertMenuW
IsMenu
GetMenuItemID
PostThreadMessageW
CreateWindowExA
PostThreadMessageA
GetMenuItemCount
GetClientRect
GetDlgItemTextA
IsDialogMessageA
DrawTextW
SetActiveWindow
DestroyCursor
RegisterClassW
GetWindowTextLengthW
IsDialogMessageW
UnloadKeyboardLayout
GetDlgCtrlID
EnumThreadWindows
InflateRect
GetKeyNameTextW
GetTopWindow
SetScrollPos
EnableScrollBar
MessageBoxExW
GetNextDlgGroupItem
PostMessageA
InsertMenuItemW
IsCharAlphaNumericW
DragObject
KillTimer
wvsprintfA
GetKeyboardLayoutList
GetDoubleClickTime
CreateCaret
IsChild
ArrangeIconicWindows
SetPropW
CharToOemW
LoadAcceleratorsA
GetParent
DrawMenuBar
GetWindowPlacement
GetSysColorBrush
CreateIconFromResource
AdjustWindowRect
DrawIcon
GetCursorPos
InvertRect
OpenDesktopW
SetMenuDefaultItem
GetUserObjectInformationW
CreateWindowExW
GetIconInfo
GetMessageTime
MoveWindow
GetClassLongW
SwitchToThisWindow
MessageBoxA
GetCaretPos
MapWindowPoints
ClipCursor
RegisterClassExA
InsertMenuA
LoadBitmapW
GetDlgItemTextW
CharUpperBuffA
SetRectEmpty
CreateIconIndirect
SendMessageW
ScreenToClient
GetLastActivePopup
CharPrevW
SendDlgItemMessageA
CharLowerW
ToUnicodeEx
LoadAcceleratorsW
SendMessageTimeoutW
DispatchMessageW
CascadeWindows
IsRectEmpty
DrawIconEx
InSendMessageEx
EndPaint
InvalidateRgn
LockWindowUpdate
IsWindowUnicode
GetAsyncKeyState
keybd_event
CharLowerBuffW
IsCharAlphaA
DispatchMessageA
CharUpperBuffW
ModifyMenuW
GetFocus
AttachThreadInput
CharUpperW
GetKeyboardLayoutNameW
SendDlgItemMessageW
MonitorFromRect
SetSysColors
GetSystemMenu
FindWindowA
SendNotifyMessageW
BeginPaint
CopyImage
ChildWindowFromPointEx
DefFrameProcW
SetDlgItemTextW
DrawTextExW
SetMenu
MapVirtualKeyExW
OffsetRect
EndDialog
SendInput
SetMenuItemInfoW
RegisterWindowMessageW

kernel32

FindFirstFileA
SetFileAttributesA
DisconnectNamedPipe
lstrcpynA
GlobalFlags
OpenSemaphoreW
DeviceIoControl
lstrlenA
SetThreadPriority
GetStdHandle
SetCurrentDirectoryW
GetThreadContext
FreeResource
GetTempPathW
CreateFileMappingA
EnumResourceNamesW
GetOverlappedResult
WaitForSingleObject
QueryDosDeviceW
CancelWaitableTimer
GetProcAddress
GetCommState
SetCommBreak
LoadLibraryA
HeapWalk
SuspendThread
ClearCommError
CreateWaitableTimerA
GlobalFree
FindFirstFileW
FindResourceExA
GetThreadPriority
GetCurrentThreadId
CreateDirectoryA
SetThreadAffinityMask
MapViewOfFile
RegisterWaitForSingleObject
LoadResource
VirtualProtect
CancelIo
GlobalHandle
GetNumberFormatA
IsValidLanguageGroup
GetFileType
GetPriorityClass
SetEvent
GetCommConfig
lstrcmpiA
GetStartupInfoA
GetOEMCP
AddAtomW
HeapCreate
VirtualAlloc
GetExitCodeThread
lstrcmpA

Exports

Exports

?DialogReactivateIns@@YGK_KHE[D

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24467bceaba8eda86901ff4e6a6c6f58

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.idata Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 96B

.data Size: 3KB - Virtual size: 200KB

.rsrc Size: 181KB - Virtual size: 180KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.idata
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 96B

.data
Size: 3KB - Virtual size: 200KB

.rsrc
Size: 181KB - Virtual size: 180KB

.reloc
Size: 1KB - Virtual size: 1KB