b94f84540dbb51d084bceb3e5b6ba89c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b94f84540dbb51d084bceb3e5b6ba89c_JaffaCakes118
Size

56KB
MD5

b94f84540dbb51d084bceb3e5b6ba89c
SHA1

c8bf9bc058a07300391fa97ad27e7560cbbc64f6
SHA256

f421966c447d979677a22c53d15db817e3b407e21e1709a8d5cc3319079574ff
SHA512

452fbff35250e5d422a268b8b8cd29a89c874995a14cd023349a9c0debcad67e5da52b1372d2eaa8c79238496a54633e54767ce54e73435f61dd05dfad73804f
SSDEEP

1536:dUMRs00v7O2vZkrkwL7rEc+xedvJUfRN:S40vqWNAQc+xelej

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b94f84540dbb51d084bceb3e5b6ba89c_JaffaCakes118

Files

b94f84540dbb51d084bceb3e5b6ba89c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

00572267611ef066afa7f883f8509f6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\NtzFofzxe\EEAymiiehh\tsvuxumhXWJj\pdTysenm\tQUcvrf.pdb

Imports

comctl32

ImageList_AddMasked
InitCommonControlsEx
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_ReplaceIcon
CreateStatusWindowW

msvcrt

ungetc
toupper
wcscpy
mktime
srand
mbtowc
fprintf
_controlfp
fread
fgetc
wcstombs
vsprintf
iswprint
wcscat
wcscspn
__set_app_type
free
__p__fmode
fseek
__p__commode
sprintf
wcspbrk
isspace
wcstok
towupper
_amsg_exit
_initterm
puts
islower
tolower
fputs
_acmdln
strcoll
exit
strncmp
isalnum
strncpy
_ismbblead
remove
putchar
bsearch
_XcptFilter
wcschr
_exit
clearerr
_cexit
__setusermatherr
rand
__getmainargs

comdlg32

CommDlgExtendedError
GetOpenFileNameW
PageSetupDlgW
GetFileTitleW

user32

CharLowerBuffW
SetCursor
CharToOemW
SetMenu
RegisterWindowMessageA
GetMenuCheckMarkDimensions
IsChild
GetNextDlgGroupItem
GetDC
CharToOemA
IsWindowVisible
GetUserObjectInformationA
OpenIcon
RegisterWindowMessageW
CheckRadioButton
DrawTextExW
GetWindowPlacement
SetWindowTextA
ChangeMenuW
OemToCharA
GetDialogBaseUnits
OpenInputDesktop
EndPaint
GetMenuState
SwitchToThisWindow
CharLowerA
GetIconInfo
FindWindowExA
KillTimer
GetAsyncKeyState
SendMessageTimeoutA
FrameRect
GetScrollInfo
SetActiveWindow
SetRectEmpty
InSendMessage
wsprintfA
GetClipCursor
RegisterClassExA
GetClassLongW
SetWindowLongW
AttachThreadInput
UpdateWindow
TranslateMessage
OpenDesktopW
IsIconic
DialogBoxIndirectParamA
DrawIcon
RemoveMenu
EqualRect
GetCaretPos
DefWindowProcA
SetLastErrorEx
CallWindowProcW
DrawStateW
PeekMessageA
GetKeyboardLayoutList
SetCaretPos
ModifyMenuW
CheckMenuItem
EnumThreadWindows
AppendMenuA
GetSystemMenu
CopyImage
CopyRect
FillRect
LoadAcceleratorsA
CharPrevW
WaitForInputIdle
GetWindowDC
DestroyCursor
SetWindowPos
DialogBoxParamA
DrawStateA
SetScrollInfo
DestroyAcceleratorTable
GetUpdateRgn
CreateCaret
GetMenuItemCount
DefWindowProcW
IsCharAlphaNumericW
DefFrameProcA
LoadIconW
SetMenuDefaultItem
DialogBoxIndirectParamW
HiliteMenuItem
MapDialogRect
MoveWindow
LoadIconA
wvsprintfW
InsertMenuA
DragObject
GetMessageExtraInfo
LoadBitmapW
InvalidateRgn
TileWindows
LoadImageA
BringWindowToTop
ClipCursor
SetScrollRange
DeleteMenu
CharPrevA
IsDlgButtonChecked
FindWindowExW
EnumChildWindows
GrayStringW
DialogBoxParamW
AdjustWindowRect
GetAltTabInfoW
PostMessageA
DispatchMessageA
PostQuitMessage
GetScrollPos
LockWindowUpdate
ShowWindow
GetDCEx
ReleaseDC
CharUpperW

gdi32

SetRectRgn
SetAbortProc
CombineRgn
CreateICW
UnrealizeObject
GetPixel
CreateBrushIndirect
SaveDC
SetTextAlign
Rectangle
CreateRoundRectRgn
GetFontData
CreateDiscardableBitmap
ExcludeClipRect
SetBkMode
EnumFontFamiliesExW
GetStockObject
ScaleViewportExtEx
OffsetViewportOrgEx
StretchDIBits
CreateEllipticRgnIndirect
CreateHalftonePalette
PathToRegion
SetViewportExtEx
GetTextExtentExPointW
DeleteObject
ExtTextOutA
GetTextExtentPoint32W
CreateDIBitmap
GetROP2
DPtoLP
RealizePalette
GetBitmapBits
SelectObject
CreateFontIndirectW
StartPage
SetBkColor
SelectPalette
LineTo
BeginPath
GetClipBox
SetMapMode
GetObjectW
EndDoc
GetObjectA
EnumFontsW
SetBitmapBits
PatBlt

kernel32

VerifyVersionInfoW
PulseEvent
GetModuleFileNameA
WaitForMultipleObjects
GetFileAttributesA
LocalAlloc
AddAtomW
SetThreadAffinityMask
GlobalFlags
OpenFile
GetWindowsDirectoryW
TerminateThread
IsBadWritePtr
VirtualQuery
SetThreadLocale
GetFileType
GetLocaleInfoA
GlobalCompact
GetComputerNameW
GetShortPathNameW
GetModuleHandleA
GetLongPathNameW
GlobalLock
HeapReAlloc
GetCommState
lstrcpynA
MoveFileA
GetModuleFileNameW
GetFullPathNameA
SetCommBreak
SystemTimeToFileTime
LockFile
FindResourceW
GetCommProperties
GlobalAddAtomW
InitializeCriticalSection
CancelWaitableTimer
LoadLibraryW
CopyFileA
HeapWalk
CreateMailslotW
GetWindowsDirectoryA
FileTimeToSystemTime
MapViewOfFile
DeleteFileA
CreateMutexA
GetThreadLocale
IsBadReadPtr
ClearCommBreak
WaitForSingleObject
GlobalDeleteAtom
IsBadStringPtrW
GetComputerNameExW
MoveFileExW

Exports

Exports

?HideMemoryEx@@YGHEPAJM]A
?BitCounterArrayIdeDunAs@@YGKGE@Z
?IsValidObjectOld@@YGXKPAF]A

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00572267611ef066afa7f883f8509f6d

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

comdlg32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 52KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 52KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 1KB - Virtual size: 1KB