b57157a9a8edd483520761b4eb690729_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b57157a9a8edd483520761b4eb690729_JaffaCakes118
Size

536KB
MD5

b57157a9a8edd483520761b4eb690729
SHA1

ce377ed59135da741aec72182e79cec456b8d7a1
SHA256

0834370275500117efa35a0dd2a2e15b53a05b1ff532b1a203cc0d0193cc459f
SHA512

e95f98d099dccc5da96dc466d95df1d7273ee7c16bfc4380ae8b0d35d60c7ebc3e52adaa121ffa27d28e82f20afb0ceedd2f610e5c3742f93f6e1cdd4a4d6287
SSDEEP

12288:5b/KK5TXcYR2wAf+vRQpqjak8e6W559voEshSmVqpB5Hl:tLtGf4RQEjak8eZ98QjpZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b57157a9a8edd483520761b4eb690729_JaffaCakes118

Files

b57157a9a8edd483520761b4eb690729_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0b26ce798a5f14b41f5828b9c5678857

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\bDwrTnpjJc\vdofyxuMGawntp\yempcncGo\dresYGq\Fmeatwh.pdb

Imports

msvcrt

fputs
ungetc
wcscmp
ftell
perror
islower
_controlfp
wcstoul
__set_app_type
__p__fmode
strtol
__p__commode
vswprintf
_amsg_exit
wcsstr
malloc
realloc
clearerr
wcscspn
fseek
_initterm
strspn
puts
isprint
qsort
_ismbblead
mbtowc
fputc
rand
setlocale
wcspbrk
towupper
fclose
_XcptFilter
memset
bsearch
wcscat
strrchr
_exit
strchr
_cexit
__setusermatherr
fgetc
strerror
mktime
putchar
isspace
wcstombs
__getmainargs
free

user32

RegisterWindowMessageW
GetFocus
CharUpperA
MoveWindow
TrackPopupMenu
EndDialog
DrawIconEx
ScreenToClient
CharPrevW
CreateCursor
EnableScrollBar
ShowScrollBar
MapVirtualKeyA
CharNextExA
DispatchMessageA
CharLowerBuffW
InternalGetWindowText
InvalidateRgn
CallWindowProcA
DrawStateA
CreateDialogParamA
ValidateRect
SetDlgItemTextA
CharUpperBuffA
DrawMenuBar
LoadBitmapA
GrayStringW
GetMenuItemID
GetWindowTextW
RegisterWindowMessageA
SetWindowRgn
ToUnicodeEx
GetKeyboardLayout
GetDC
ActivateKeyboardLayout
PostThreadMessageA
GetDlgItemTextA
DefWindowProcW
IsDlgButtonChecked
SetFocus
GetCursorPos
MessageBoxW
EqualRect
CreateAcceleratorTableW
DispatchMessageW
InflateRect
ModifyMenuW
CheckRadioButton
ClipCursor
CheckMenuRadioItem
GetDoubleClickTime
OemToCharBuffA
DrawTextExW
DefFrameProcW
DefDlgProcW
SetDlgItemInt
GetWindow
IsRectEmpty
BeginDeferWindowPos
wsprintfA
OemToCharA
IntersectRect
MapVirtualKeyExW
LoadBitmapW
GetSubMenu
CharUpperBuffW
IsMenu
GetUserObjectInformationA
SetRect
GetMessageW
EnumChildWindows
PostMessageW
RemovePropW
SetUserObjectInformationW
ShowCaret
SetMenuDefaultItem
IsWindowUnicode
ScrollWindowEx
WaitForInputIdle
ShowOwnedPopups
DialogBoxParamA
GetPropW
IsCharLowerA
GetWindowLongW
DialogBoxParamW
AttachThreadInput
GetWindowPlacement
GetWindowTextLengthW
MonitorFromPoint
SetRectEmpty
CreateWindowExA
HiliteMenuItem
GetTopWindow
SetWindowTextW
RegisterClassA
GetScrollRange
InSendMessage
DialogBoxIndirectParamW
TrackPopupMenuEx
DrawStateW
DeferWindowPos
SendMessageA
PostQuitMessage
SendDlgItemMessageW
GetLastActivePopup
SetWindowPos
GetNextDlgGroupItem
GetMenuItemCount
CreateWindowExW
keybd_event
LoadCursorA
SetScrollPos
TileWindows
EndPaint
DefFrameProcA
GetWindowRect
RegisterClassW
SetSysColors

shlwapi

PathIsUNCA

comctl32

ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_AddMasked
CreateToolbarEx

comdlg32

GetFileTitleW
ChooseFontW
PrintDlgW
GetOpenFileNameW

kernel32

FindFirstFileA
AreFileApisANSI
GetFullPathNameW
GetPriorityClass
SetThreadContext
FlushFileBuffers
GetNumberFormatA
VirtualFree
GetFileAttributesW
GetFileTime
lstrcmpiA
ReadFile
AddAtomA
TlsSetValue
CreateMutexA
CancelIo
ReleaseSemaphore
InitializeCriticalSection
GetCurrentThread
GetVersion
RaiseException
FormatMessageA
GetACP
DefineDosDeviceW
GlobalLock
lstrcpyA
GetSystemWindowsDirectoryA
HeapValidate
CreatePipe
FreeResource
GlobalReAlloc
GetTempPathW
GetStartupInfoA
GetLastError
LockResource
WaitForSingleObjectEx
GetCommModemStatus
LeaveCriticalSection
GetFileType
HeapReAlloc
ClearCommBreak
SetThreadPriority
CompareFileTime
GetFileInformationByHandle
GetLocalTime
SetCommState
FindResourceExA
GetSystemDefaultUILanguage
GetSystemDirectoryW
GetOEMCP
SetThreadAffinityMask
DeleteFileW

Exports

Exports

?DialogReactivateIns@@YGK_KHE:O
?ForwardControlItem@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b26ce798a5f14b41f5828b9c5678857

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

shlwapi

comctl32

comdlg32

kernel32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 130B

.read Size: 512B - Virtual size: 964KB

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 150KB - Virtual size: 150KB

.rsrc Size: 350KB - Virtual size: 350KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 130B

.read
Size: 512B - Virtual size: 964KB

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 150KB - Virtual size: 150KB

.rsrc
Size: 350KB - Virtual size: 350KB

.reloc
Size: 2KB - Virtual size: 1KB