b2271b52bd405a119c99060b43942480_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b2271b52bd405a119c99060b43942480_JaffaCakes118
Size

208KB
MD5

b2271b52bd405a119c99060b43942480
SHA1

353016df8271f5fe4438d35c10d771c334991cc4
SHA256

406b09501750ca1d33980bffd8b5f7d7ebfa5617ba627be299c384c320925f9d
SHA512

4fddde5dbba674b3ac59648c9c19ed379fbf2b0a532936b4672ef10b3ba281292f9d4adb38d5c2964e4f5cd43032a55fe4f8b683e643aa25533153dc820e6ade
SSDEEP

6144:ki4BsmgPx9lxac0CAx5nK54letLmM5ofht:x4Bfix9/aBMaULm2A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2271b52bd405a119c99060b43942480_JaffaCakes118

Files

b2271b52bd405a119c99060b43942480_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b617f26f1e4d468294874140b7c92c12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\CxhfxrTPQpmemx\ouSwlMhvsk\WkmXimRGg\xiswadOzdyzzNf.pdb

Imports

gdi32

CreateBitmap
GetTextExtentPoint32W
SelectPalette
PolyBezier
SetPaletteEntries
OffsetViewportOrgEx
GetTextExtentPointA
CreateDIBSection
SetROP2
GetPixel
GetMapMode
GetTextExtentExPointW
CreateHalftonePalette
CreateCompatibleDC
StretchDIBits
CreatePolygonRgn
EndPage
CreateHatchBrush
CreateRoundRectRgn
PtInRegion
GetDeviceCaps
GetTextCharsetInfo
SetRectRgn
TextOutA
SetAbortProc
CreatePatternBrush
SetWindowOrgEx
GetBitmapBits
GetPaletteEntries
Escape
GetViewportOrgEx
CreateFontW
LPtoDP
CreateRectRgnIndirect
CreateBrushIndirect
SetStretchBltMode
SetDIBits
EnumFontFamiliesW
SelectClipRgn
RoundRect
MoveToEx
CombineRgn
ExtTextOutA
IntersectClipRect
GetSystemPaletteEntries
SetDIBColorTable
SetDIBitsToDevice
CreateRectRgn
UnrealizeObject
GetRgnBox
CreateCompatibleBitmap

msvcrt

fflush
_controlfp
tolower
__set_app_type
qsort
wcscpy
fread
getc
realloc
strtok
calloc
strncpy
iswdigit
memset
wcstombs
wcscat
toupper
getenv
__p__fmode
__p__commode
putc
gmtime
_amsg_exit
wcspbrk
_initterm
wcstok
_acmdln
system
strtoul
exit
_ismbblead
strchr
swprintf
iswxdigit
wcscmp
srand
fwrite
_XcptFilter
vswprintf
isspace
ftell
isprint
_exit
perror
atoi
sprintf
gets
_cexit
__setusermatherr
__getmainargs
islower
wcscspn

comctl32

CreatePropertySheetPageA
ImageList_Write
ImageList_AddMasked
ImageList_Create
ImageList_ReplaceIcon
ImageList_Remove
DestroyPropertySheetPage

user32

wvsprintfA
GetCaretPos
BeginPaint
GetMenuState
DialogBoxIndirectParamW
PtInRect
DefFrameProcW
CheckMenuRadioItem
DestroyIcon
CopyRect
InsertMenuW
DefWindowProcA
GetClientRect
GetClipCursor
CharLowerW
PeekMessageW
DefDlgProcW
RemovePropW
DestroyMenu
SetWindowPos
ShowScrollBar
BringWindowToTop
TranslateAcceleratorW
InvalidateRect
FindWindowW
WindowFromPoint
SetRectEmpty
GetDesktopWindow
DrawEdge
SetMenuDefaultItem
GetMenuItemRect
DrawMenuBar
GetKeyboardLayoutList
IsCharAlphaW
GetSystemMetrics
GetWindowDC
DrawFocusRect
LoadIconA
AllowSetForegroundWindow
IsWindowUnicode
WaitMessage
GetNextDlgTabItem
GetUpdateRect
HideCaret
CharToOemA
IsCharUpperA
CreateDialogIndirectParamW
MapVirtualKeyExW
ClipCursor
wsprintfW
PostMessageW
IsIconic
ToUnicodeEx
DestroyAcceleratorTable
GetMessageA
LoadStringW
EnumWindows
TileWindows
IsDialogMessageW
CopyAcceleratorTableW
InternalGetWindowText
CharUpperW
ReleaseDC
TrackPopupMenuEx
DestroyCaret
DefWindowProcW
SendDlgItemMessageW
LoadStringA
SwapMouseButton
RegisterWindowMessageW
LoadImageA
MoveWindow
keybd_event
GetKeyboardLayout
GetKeyNameTextW
AppendMenuW
InSendMessageEx
GetMenuStringW
MonitorFromRect
ScrollWindowEx
RegisterWindowMessageA
SetForegroundWindow
GetFocus
GetKeyboardLayoutNameW
GetWindow
PostThreadMessageA
GetDlgItemTextW
SetRect
ReplyMessage
OemToCharBuffA
GetDlgCtrlID
MapWindowPoints
GetPropW
LoadAcceleratorsW
GetSysColor
SetWindowTextA
DialogBoxParamW
SendMessageTimeoutA
GetScrollRange
MessageBoxA
SetCaretPos
GetMenuItemID
SetScrollInfo
FrameRect
DragObject
GetUserObjectInformationW
InsertMenuA
GetLastActivePopup
CopyImage
GetParent
CreateDialogParamA
CreateCursor
CreateDialogParamW
InvertRect
SetFocus
GetWindowLongA
RegisterHotKey
ScreenToClient
SetUserObjectInformationW
MessageBoxExA
OpenIcon
DispatchMessageA
CharNextW
UnloadKeyboardLayout
ShowOwnedPopups
wvsprintfW

kernel32

QueryPerformanceCounter
GetThreadLocale
CreateDirectoryA
CallNamedPipeW
IsBadCodePtr
OpenFile
GlobalAlloc
GetTempFileNameW
UnlockFile
GetOEMCP
SetPriorityClass
SuspendThread
CreateThread
TlsGetValue
SetLastError
SetThreadExecutionState
LoadLibraryW
lstrcmpiA
GetAtomNameW
GetNumberFormatA
GetCommProperties
UnhandledExceptionFilter
LocalLock
GlobalMemoryStatus
CreateNamedPipeA
GetModuleHandleW
GetStartupInfoA
lstrcpyW
IsBadStringPtrW
lstrcpyA
CopyFileA
GetThreadTimes
VerSetConditionMask
SetEvent
CreateEventA
GetTimeFormatW
LockFile
FreeLibrary
GetOverlappedResult
GlobalGetAtomNameW
GetModuleFileNameA
GetComputerNameExA
CreateFileMappingA
FoldStringW
DisconnectNamedPipe
ExitThread
GetSystemDefaultUILanguage
GlobalAddAtomW
SearchPathW
GetCompressedFileSizeW
ReleaseSemaphore
EnterCriticalSection
FindNextFileA
SetWaitableTimer
GetModuleHandleA
CreateFileW
GlobalSize
GlobalLock
lstrlenW
GetDateFormatW

Exports

Exports

?DeleteMutexEx@@IJJE@X
?DecrementListItemOriginal@@IJPAJGE@X
?LoadDevice@@IJ_NG@X

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cfg1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pcode
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg3
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b617f26f1e4d468294874140b7c92c12

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

comctl32

user32

kernel32

Exports

Exports

Sections

.text Size: 118KB - Virtual size: 117KB

.import Size: 1KB - Virtual size: 1KB

.rdata Size: 6KB - Virtual size: 6KB

.cfg1 Size: 512B - Virtual size: 44B

.pcode Size: 13KB - Virtual size: 12KB

.cfg2 Size: 512B - Virtual size: 44B

.cfg3 Size: 1024B - Virtual size: 722B

.data Size: 2KB - Virtual size: 11KB

.rsrc Size: 61KB - Virtual size: 61KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 118KB - Virtual size: 117KB

.import
Size: 1KB - Virtual size: 1KB

.rdata
Size: 6KB - Virtual size: 6KB

.cfg1
Size: 512B - Virtual size: 44B

.pcode
Size: 13KB - Virtual size: 12KB

.cfg2
Size: 512B - Virtual size: 44B

.cfg3
Size: 1024B - Virtual size: 722B

.data
Size: 2KB - Virtual size: 11KB

.rsrc
Size: 61KB - Virtual size: 61KB

.reloc
Size: 2KB - Virtual size: 2KB