b404ad569615b43d66c6cb79224e7b7a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b404ad569615b43d66c6cb79224e7b7a_JaffaCakes118
Size

44KB
MD5

b404ad569615b43d66c6cb79224e7b7a
SHA1

bb5044386246eb497fba05c56229b33ab605f445
SHA256

b0e053452043bd62b5c180d08f8a114e18016d0f7e220d5e26e6041b84b3bc9c
SHA512

9998d2b0ff24eb1fbdb5bacecf418209a1892e933e9d379d16fa94a5048c44d7f06d06019f54423ba6bc66a5f7632ac1cd1757429a7e38ef5f3cada20b5a82d0
SSDEEP

768:bwP4kIN1Lp6qYybJ6IRH/q8sPK16ePWHusv9FLeoIJ:DkIzTFRRfVseiH/d2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b404ad569615b43d66c6cb79224e7b7a_JaffaCakes118

Files

b404ad569615b43d66c6cb79224e7b7a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f03660d5535295bb102763ac85c4673a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\wdRrtkfcnhfevt\sYvSiDRaiBhfA\fbkasnPkkhh.pdb

Imports

shlwapi

PathIsUNCW

user32

SetTimer
GetDlgItemInt
DrawFrameControl
LockWindowUpdate
SetScrollPos
CharUpperBuffA
CharUpperW
SetWindowLongW
ReleaseDC
DestroyAcceleratorTable
EnableMenuItem
DialogBoxParamA
GetWindowTextA
RegisterHotKey
SetFocus
FrameRect
AdjustWindowRectEx
CloseDesktop
SendMessageTimeoutA
GetDialogBaseUnits
CharUpperA
PostMessageA
GetKeyboardLayout
BringWindowToTop
RegisterClassExA
SetMenuItemBitmaps
SetWindowPos
CharNextExA
AllowSetForegroundWindow
IsIconic
GetMenuStringW
DispatchMessageA
InflateRect
GetMessagePos
CheckRadioButton
SetWindowLongA
SetWindowRgn
GetMenuItemRect
IsWindowVisible
SetActiveWindow
CreateWindowExW
ChildWindowFromPoint
ShowWindowAsync
LoadBitmapW
OffsetRect
GetClipCursor
ClientToScreen
DeferWindowPos
IsCharUpperA
VkKeyScanW
SetRect
CreateDialogIndirectParamW
SetUserObjectInformationW
GetCursorPos
CreateIconIndirect
GetKeyboardLayoutList
SetSysColors
SetWindowTextA
GetMessageW
IsWindowEnabled
GetWindow
ChildWindowFromPointEx
ModifyMenuW
GetSystemMenu
ExitWindowsEx
SetRectEmpty
LoadAcceleratorsA
SetMenu
EndPaint
SendDlgItemMessageW
GetWindowLongA
UnloadKeyboardLayout
OpenIcon
wsprintfA
AppendMenuW
GetMenu
wsprintfW
LoadCursorW
InsertMenuW
SetScrollRange
SetDlgItemTextA
IsMenu
GetParent
CharLowerBuffW
wvsprintfW
LoadMenuW
RegisterClassW
TranslateAcceleratorA
SendInput
GetMonitorInfoW
ShowScrollBar
SendMessageTimeoutW
DrawIcon
SendMessageW
IsDialogMessageW
GetMessageTime
PostThreadMessageA
SetParent
DrawStateA
GetDoubleClickTime
SetScrollInfo
IsWindow
GetDlgItem
CreateAcceleratorTableW
GetMenuStringA
SendDlgItemMessageA
DrawFocusRect
GetIconInfo
ToUnicodeEx
GetClassInfoW
CreateIconFromResource
CreateDialogParamA
MoveWindow
DefDlgProcA
GetWindowPlacement
GetMenuItemID
IsRectEmpty
PostQuitMessage
GetClassInfoExA
GetAsyncKeyState
GetPropW
GetWindowRect
DefWindowProcW

kernel32

VirtualAlloc
CreateFileA
IsBadWritePtr
VerSetConditionMask
GetFileAttributesExA
GetTempFileNameW
GetTempPathW
GetCommandLineA
GetUserDefaultLCID
lstrcpynW
GetThreadLocale
SetLocalTime
SetUnhandledExceptionFilter
WaitForMultipleObjects
LocalSize
HeapValidate
LocalLock
OpenEventW
HeapLock
GetTimeZoneInformation
SetCurrentDirectoryA
EnumResourceLanguagesA
CreateNamedPipeA
VirtualFree
AddAtomA
lstrcpyW
GetModuleHandleA
GetOEMCP
SleepEx
GetSystemWindowsDirectoryW
GetAtomNameA
LeaveCriticalSection
EnumResourceNamesW
CreateFileMappingA
FreeLibrary
LoadLibraryExW
TransactNamedPipe
GetUserDefaultLangID
CreateFileMappingW
FormatMessageW
WaitForMultipleObjectsEx
VerifyVersionInfoW
GetCurrentDirectoryW
CreateMutexA
OpenFile
DisconnectNamedPipe
LoadLibraryExA
FileTimeToSystemTime
GetModuleFileNameA
WriteFile
IsBadStringPtrW
LocalFree
PulseEvent
GlobalAddAtomW

msvcrt

_controlfp
__set_app_type
__p__fmode
fwrite
vswprintf
wcsrchr
exit
floor
mbstowcs
fputc
__p__commode
_amsg_exit
getc
swscanf
_initterm
strncmp
isprint
fprintf
wcspbrk
strtol
wcstok
fgetc
sprintf
remove
wcstol
towlower
memset
wcscat
_ismbblead
wcsstr
rand
isspace
strcoll
_XcptFilter
wcstoul
time
_exit
sscanf
setvbuf
_cexit
isalpha
calloc
bsearch
__setusermatherr
strtok
putc
__getmainargs
swprintf

Exports

Exports

?OwnerInitDescriptor@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ntrs
Size: 512B - Virtual size: 367B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mode
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f03660d5535295bb102763ac85c4673a

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

kernel32

msvcrt

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 89B

.ntrs Size: 512B - Virtual size: 367B

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.mode Size: - Virtual size: 40KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 89B

.ntrs
Size: 512B - Virtual size: 367B

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.mode
Size: - Virtual size: 40KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 2KB - Virtual size: 1KB