b23225a5d7a7bb0cbfac231cf3c186b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b23225a5d7a7bb0cbfac231cf3c186b1_JaffaCakes118
Size

151KB
MD5

b23225a5d7a7bb0cbfac231cf3c186b1
SHA1

0015c368c675e05ce16781a39cf35b4250c4e2d2
SHA256

554b75c008707ea9653a65fabd271c8b27f126003691fd7b5854f3afb477794f
SHA512

314f46583047acc37b558023e8c895a940ffa07381283d722a17df5585bc6a3c9c886cdb63975e60695bb5db64c7c2dbdf9dcf8b82d7e05e977e4876a1627459
SSDEEP

3072:lYlsZt2RMCgVLG/MJNcaIAy/flPz1W6BXWnW6aL3L+lGuNQgy4v+:z2mY/MJN5y/fZ1W6lWnWTCVQby+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b23225a5d7a7bb0cbfac231cf3c186b1_JaffaCakes118

Files

b23225a5d7a7bb0cbfac231cf3c186b1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

19955b3e3bc7d9432eb61fa2baec26cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\ivsWyGostmK\hVhjticFre\oebIwoXop\jgVplcmLMp.pdb

Imports

shlwapi

StrToIntA

user32

OpenDesktopW
GetNextDlgTabItem
FindWindowA
PostMessageA
InternalGetWindowText
DrawFrameControl
UnionRect
GetClassLongW
MapVirtualKeyA
EndPaint
DialogBoxIndirectParamW
IsCharAlphaW
DialogBoxIndirectParamA
LookupIconIdFromDirectory
MonitorFromRect
LoadImageA
ModifyMenuW
AllowSetForegroundWindow
RemovePropW
DestroyAcceleratorTable
GetCaretPos
DefFrameProcA
PeekMessageA
FindWindowW
EnumThreadWindows
InsertMenuA
GetMenuStringA
GetWindow
LoadAcceleratorsW
LoadBitmapW
SendInput
SetMenuDefaultItem
SendMessageTimeoutA
GetUserObjectInformationA
WaitMessage
RemoveMenu
CopyRect
DefWindowProcA
LoadIconA
GetDC
GetMenuItemCount
SetForegroundWindow
GetParent
CreateWindowExW
IsWindow
CallWindowProcW
SetPropW
DeleteMenu
SetCaretPos
RegisterWindowMessageA
DefFrameProcW
SetRect
SetWindowPos
ScrollWindowEx
ScreenToClient
CreateDialogParamW
EnableMenuItem
GetClassInfoW
SetMenuItemBitmaps
SetDlgItemInt
DrawTextW
IsIconic
MapWindowPoints
CharUpperBuffW
OpenInputDesktop
GetDlgCtrlID
GetScrollRange
CreateDialogIndirectParamW
DefDlgProcA
LoadBitmapA
DestroyIcon
GetAltTabInfoA
DrawTextExW
GetCaretBlinkTime
WaitForInputIdle
LockWindowUpdate
SetRectEmpty
GetMessageExtraInfo
CharPrevW
DestroyCaret
ShowWindow
CloseDesktop
ChangeMenuW
GetSysColorBrush
GetSysColor
VkKeyScanW
SetSysColors
InvertRect
wvsprintfW
ActivateKeyboardLayout
ExitWindowsEx
HideCaret
GetClassInfoExA
EndDialog
DragObject
MapVirtualKeyExW
SetTimer
IsDialogMessageA
GetMessageA
CascadeWindows
InSendMessageEx
EnableScrollBar
GetClientRect
CharLowerW
InsertMenuW
GetClassLongA
PostThreadMessageA
GetScrollInfo
EnableWindow
TranslateAcceleratorA
IsWindowEnabled
InvalidateRgn
LoadImageW
BringWindowToTop
LoadIconW
TrackPopupMenu
GetTopWindow
IsRectEmpty
GetAsyncKeyState
AdjustWindowRect
SetParent
SetScrollPos

comdlg32

PrintDlgExW
GetFileTitleW
ChooseColorW
PrintDlgW
FindTextW
ReplaceTextW

kernel32

ClearCommBreak
DeleteFileW
GetFileAttributesW
TlsGetValue
FreeResource
LocalLock
HeapAlloc
VirtualProtect
EnumSystemLocalesA
VirtualQuery
CreateFileW
SetupComm
GetShortPathNameA
GetModuleFileNameW
ReleaseMutex
GetModuleFileNameA
CreateMutexA
GetFileSize
MoveFileExW
AddAtomA
CallNamedPipeW
SetThreadPriority
GetCommProperties
lstrcpynA
SetThreadLocale
FileTimeToSystemTime
IsValidLocale
GetCommModemStatus
OpenSemaphoreW
GlobalFindAtomW
EscapeCommFunction
DeviceIoControl
GetModuleHandleA
LoadLibraryExA
UnhandledExceptionFilter
FindResourceExW
GetCommState
LockFile
HeapFree
LockResource
GetFileType
LeaveCriticalSection
FileTimeToLocalFileTime
PulseEvent
GetModuleHandleW
GetProcessHeap
DeleteFileA
HeapUnlock
GetHandleInformation
AddAtomW
GetSystemWindowsDirectoryW
GetAtomNameW
CompareFileTime
QueryDosDeviceW
lstrcpynW
SetCommState
MoveFileW
IsValidLanguageGroup
SearchPathA

msvcrt

strstr
strcspn
puts
atoi
isalpha
strtoul
localtime
free
_controlfp
setvbuf
__set_app_type
towlower
isspace
__p__fmode
clearerr
toupper
__p__commode
strncmp
strerror
floor
mktime
_amsg_exit
wcscmp
sscanf
vswprintf
_initterm
wcspbrk
strrchr
_ismbblead
fwrite
_XcptFilter
memset
fgets
strncpy
malloc
_exit
strspn
fflush
ftell
_cexit
fputc
__setusermatherr
strcpy
vsprintf
__getmainargs
fputs
iswspace
towupper

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19955b3e3bc7d9432eb61fa2baec26cc

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

comdlg32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 116KB

.rsrc Size: 123KB - Virtual size: 122KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 116KB

.rsrc
Size: 123KB - Virtual size: 122KB

.reloc
Size: 2KB - Virtual size: 1KB