b980b07e2ce895c8172626b77b281841_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b980b07e2ce895c8172626b77b281841_JaffaCakes118
Size

143KB
MD5

b980b07e2ce895c8172626b77b281841
SHA1

c516dec6765d405a3a76d636f83a9b0dcb817e05
SHA256

5929cd015cdc376b36e8ef767415212ae8e57a9d4ea90fccc517d7739fd90aa5
SHA512

7b9dcf5648280838c008a7aeef30e9e6be2d95662c7de52c21ceffb54e7ac1fbbc55da5fab6886a53d6c93194c1140a48d85fed601120b0378e4f4b2a392515a
SSDEEP

3072:ia2QBVu4UU52JVar0QrXdmUGRq48fZJn6ODsIZYi+R+N:+qu65iajDNwq4h3T98

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b980b07e2ce895c8172626b77b281841_JaffaCakes118

Files

b980b07e2ce895c8172626b77b281841_JaffaCakes118
.dll windows:5 windows x86 arch:x86

815e9060f5849afd972891a0f1d178d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

V:\pOycFscpaGa\oFyqjtwytfDrY\zetsyxnrSz\xQQnihaph\onOhndfnr.pdb

Imports

shlwapi

UrlGetLocationA
UrlIsOpaqueW

user32

SendMessageW
MapVirtualKeyExW
SetScrollPos
EnableScrollBar
DefWindowProcA
SetTimer
GetDlgItemTextW
HideCaret
LoadStringA
SetWindowPlacement
ShowCaret
GetDC
CreatePopupMenu
ShowWindow
OemToCharA
GetKeyboardLayoutList
EnumThreadWindows
CheckDlgButton
CreateIconIndirect
DispatchMessageA
TranslateAcceleratorW
SetDlgItemInt
GetWindowRect
LoadStringW
SetScrollRange
GetUserObjectInformationA
GetDlgItemTextA
CopyImage
IsIconic
DialogBoxParamA
LoadMenuW
IsWindowEnabled
TrackPopupMenu
GetTopWindow
GetWindowDC
CreateMenu
wsprintfW
FillRect
PostThreadMessageA
TileWindows
AppendMenuA
GetMenuItemID
IsCharUpperA
wvsprintfA
CharLowerW
EnumChildWindows
IsDialogMessageW
ModifyMenuW
IsDialogMessageA
GetScrollPos
CreateAcceleratorTableW
AttachThreadInput
GetMessageExtraInfo
SetCaretPos
OpenInputDesktop
CloseDesktop
CharNextExA
DragObject
HiliteMenuItem
RegisterClassW
InvalidateRgn
IsCharAlphaA
GetDialogBaseUnits
GetMenuState
GetMessageW
GetIconInfo
CreateDialogParamW
OpenDesktopW
DrawFrameControl
CharUpperW
ScrollWindowEx
CreateWindowExA
DeferWindowPos
FindWindowW
ExitWindowsEx
SetUserObjectInformationW
GetMessageA
GetWindowTextA
IsCharAlphaW
GetSysColor
GetMenuStringW
MapWindowPoints
FindWindowExA
CreateWindowExW
DispatchMessageW

comdlg32

GetOpenFileNameA
GetFileTitleW
ChooseColorW
ReplaceTextW
CommDlgExtendedError

msvcrt

_controlfp
mbstowcs
strspn
__set_app_type
isupper
__p__fmode
fseek
__p__commode
_amsg_exit
getc
setlocale
_initterm
_ismbblead
isprint
localtime
wcstoul
atol
wcsncmp
_XcptFilter
rand
floor
fread
_exit
_cexit
strcspn
strtoul
__setusermatherr
__getmainargs
swscanf
mktime
time
fgets
tolower
putchar
srand
wcstol

kernel32

IsValidLanguageGroup
GlobalCompact
MulDiv
GetTempPathA
GlobalSize
SetThreadContext
CreateSemaphoreA
UnlockFile
SetFileAttributesA
GetOEMCP
SetFileAttributesW
FormatMessageA
GetCommConfig
RaiseException
EnterCriticalSection
GetBinaryTypeW
GetWindowsDirectoryW
SleepEx
GetFileInformationByHandle
ReadFile
GetSystemDefaultUILanguage
lstrcpyW
lstrcmpiW
MoveFileExW
ClearCommBreak
GlobalFindAtomW
IsBadStringPtrW
CreateMailslotW
HeapFree
FindFirstFileA
GetModuleFileNameA
GetCommandLineW
FindResourceW
CreateFileA
VirtualQuery
DeleteAtom
InitializeCriticalSection
EscapeCommFunction
MoveFileW
MapViewOfFile

Exports

Exports

H99:O
?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

815e9060f5849afd972891a0f1d178d8

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

comdlg32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 116B

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 107B

.run Size: 1024B - Virtual size: 674B

.0dat Size: 107KB - Virtual size: 106KB

.data Size: 3KB - Virtual size: 2KB

.ram Size: - Virtual size: 166KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 116B

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 107B

.run
Size: 1024B - Virtual size: 674B

.0dat
Size: 107KB - Virtual size: 106KB

.data
Size: 3KB - Virtual size: 2KB

.ram
Size: - Virtual size: 166KB

.rsrc
Size: 2KB - Virtual size: 1KB