b3fe0be3efe17f39e362c4012c11a882_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b3fe0be3efe17f39e362c4012c11a882_JaffaCakes118
Size

172KB
MD5

b3fe0be3efe17f39e362c4012c11a882
SHA1

0347a66ea916db72df2e753fc7281945980d6cfa
SHA256

eedfb1848bc92fa56be251da7b13d64021ccd5e88571ed37962012323fd4759b
SHA512

fe81c0d503963b868a479cab81bdaa491019bc42e43a93f46ac480a6a6f83d74d154c10e9f22a75c50b2724b348fae2ed84e3631faaf689f3b70981f4cb06b41
SSDEEP

3072:kpfxloCApKpMGzPucAjw4UF8QWUV3eHSjeokv6FPz7ydDzHdsftYO:kpfxlIc9/bFPeHI4vOPPSH9I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3fe0be3efe17f39e362c4012c11a882_JaffaCakes118

Files

b3fe0be3efe17f39e362c4012c11a882_JaffaCakes118
.exe windows:5 windows x86 arch:x86

09a7a9869d524c2015af7d45cc95533e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\tuzzWia\MJcGtwpjkHYQeu\rbgmiuDp\igdpnFIylJJszj.pdb

Imports

comdlg32

GetOpenFileNameW
CommDlgExtendedError
FindTextW
ReplaceTextW

comctl32

CreatePropertySheetPageW
CreateToolbarEx
CreatePropertySheetPageA
PropertySheetA
ImageList_AddMasked
ImageList_Create

kernel32

GetThreadContext
GetWindowsDirectoryA
GlobalGetAtomNameA
CreateWaitableTimerW
FindFirstFileW
GetNumberFormatA
CreatePipe
GetTickCount
LCMapStringA
LoadLibraryExA
IsValidLanguageGroup
GetUserDefaultLangID
GetFileAttributesW
SetThreadPriority
GetCurrentDirectoryW
VirtualProtect
lstrlenW
CreateWaitableTimerA
FindNextFileA
FlushViewOfFile
TlsSetValue
GetCommModemStatus
CompareStringW
HeapFree
PulseEvent
GetModuleHandleA
SetEvent
LocalLock
FindCloseChangeNotification
GetTempFileNameA
GlobalFree
CreateSemaphoreW
GetModuleFileNameA
FindResourceW
GetCommandLineA
CreateFileA
DeleteFileA
MoveFileA
GetStdHandle
SuspendThread
LoadLibraryExW
SetThreadLocale
CreateDirectoryA
VerSetConditionMask
SetTimerQueueTimer
DeleteFileW
SetLocalTime
SetPriorityClass
Sleep
SetLastError
GlobalAlloc
SetUnhandledExceptionFilter
HeapUnlock
CreateThread
QueryPerformanceCounter

shlwapi

UrlGetPartW

msvcrt

_controlfp
wcstoul
sscanf
wcscpy
iswprint
puts
remove
fseek
__set_app_type
fwrite
wcstod
swscanf
system
time
__p__fmode
putc
__p__commode
localtime
fprintf
_amsg_exit
srand
mbtowc
_vsnwprintf
strcspn
iswspace
_initterm
_ismbblead
clock
_XcptFilter
isprint
wcstok
atol
_exit
fclose
fread
strtoul
_cexit
strpbrk
strncmp
setlocale
clearerr
strtok
strcpy
vsprintf
fputs
__setusermatherr
strcoll
__getmainargs

user32

LoadImageA
SetMenuDefaultItem
LoadStringW
GrayStringW
SendNotifyMessageW
IsWindowEnabled
TabbedTextOutW
OffsetRect
GetWindowRect
SetWindowTextA
GetMessagePos
DrawStateA
GetUpdateRgn
SystemParametersInfoA
SendMessageTimeoutW
GetDC
SendInput
GetSysColor
GetWindowTextA
GetWindowPlacement
IsDialogMessageW
keybd_event
IsMenu
IsDlgButtonChecked
LoadIconA
CharToOemA
DestroyWindow
GetAsyncKeyState
SetActiveWindow
CheckDlgButton
HiliteMenuItem
ExitWindowsEx
PostMessageW
SetWindowLongW
MonitorFromRect
PeekMessageA
DrawAnimatedRects
CreateIconFromResource
LoadCursorW
CreateMenu
DrawIcon
SetMenu
DrawTextW
GetWindowLongW
SetDlgItemInt
DialogBoxIndirectParamA
GetMenuStringA
InsertMenuItemW
ShowCursor
TranslateAcceleratorW
GetClassInfoExA
ScrollWindow
SetWindowPos
ModifyMenuW
ShowWindow
GetKeyState
SetRect
AttachThreadInput
DestroyAcceleratorTable
IsRectEmpty
MonitorFromPoint
wsprintfW
GetMessageTime
CharNextExA
CreateAcceleratorTableW
SetWindowLongA
GetUserObjectInformationW
FindWindowExA
GetMessageW
GetDlgItemTextW
GetDlgItemTextA
SetPropW
GetMenuCheckMarkDimensions
IsWindow
MapDialogRect
CheckRadioButton
BeginPaint
BeginDeferWindowPos
DestroyCursor
GetNextDlgGroupItem
InvertRect
DefFrameProcA
HideCaret
MessageBoxExA
RemoveMenu
CharNextA
wvsprintfW
IsCharAlphaNumericW
RedrawWindow
GetMenuItemCount
GetSysColorBrush
IsWindowUnicode
AdjustWindowRectEx
CopyAcceleratorTableW
GetMenuItemInfoW
CopyRect
CreateIconIndirect
SendMessageW
SetTimer
CloseDesktop
SetMenuItemBitmaps
GetMenuItemID
CharUpperBuffA
CreateCursor
RegisterClassA
SetCaretPos
IsCharAlphaA
GetCaretPos
DefDlgProcA
LoadAcceleratorsW
DrawEdge
LoadAcceleratorsA
EnumChildWindows
ShowCaret
mouse_event
IsCharUpperA
KillTimer
GetKeyboardLayoutList
OpenDesktopW
AppendMenuW

Exports

Exports

?CreatDlgItemList@@YGKPBDDPAX:O

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.exp
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edit
Size: 1KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ixport
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sims
Size: 1024B - Virtual size: 577B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndat
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09a7a9869d524c2015af7d45cc95533e

Headers

File Characteristics

PDB Paths

Imports

comdlg32

comctl32

kernel32

shlwapi

msvcrt

user32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.exp Size: 512B - Virtual size: 121B

.edit Size: 1KB - Virtual size: 254KB

.data Size: 2KB - Virtual size: 2KB

.ixport Size: 6KB - Virtual size: 5KB

.sims Size: 1024B - Virtual size: 577B

.ndat Size: 512B - Virtual size: 192B

.rsrc Size: 136KB - Virtual size: 136KB

.text
Size: 23KB - Virtual size: 22KB

.exp
Size: 512B - Virtual size: 121B

.edit
Size: 1KB - Virtual size: 254KB

.data
Size: 2KB - Virtual size: 2KB

.ixport
Size: 6KB - Virtual size: 5KB

.sims
Size: 1024B - Virtual size: 577B

.ndat
Size: 512B - Virtual size: 192B

.rsrc
Size: 136KB - Virtual size: 136KB