b6a53fdef5775e03a9303f68eed8f308_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b6a53fdef5775e03a9303f68eed8f308_JaffaCakes118
Size

227KB
MD5

b6a53fdef5775e03a9303f68eed8f308
SHA1

35ad3a051b6426f91e1132792a1f3149275442e3
SHA256

2f2f6e0d6906034a2c856e2d473988ca769958765ab92030071f028784bf0274
SHA512

3cf9616d1a247600377156da7646b7b174332affcf6fd5e7909f9b8c0c8f3785d65e840cf4d6a911fef5050d2985fb45d867bc379331306997d34ddb1c251860
SSDEEP

6144:eS9Ohs38zTZAijg6k7OuRHczx/21S8rmaI3/b4ArMt:eSCy8xiplczxObmaEbmt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6a53fdef5775e03a9303f68eed8f308_JaffaCakes118

Files

b6a53fdef5775e03a9303f68eed8f308_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c7af12f88bd31d695a0b2b9b4b2247c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\KiEtDmsmtCAJn\VphUqtKkoov\SrshUWPdt\jkivnrxoUgcbd.pdb

Imports

gdi32

DPtoLP
EnumFontFamiliesExW
EnumFontFamiliesW
SaveDC
GetObjectA
CreatePen
GetTextExtentPoint32W
Ellipse
PatBlt
TranslateCharsetInfo
SetStretchBltMode
CreateBitmap
GetTextMetricsW
CreateDCW
SetBitmapDimensionEx
GetCurrentObject
WidenPath
SetBrushOrgEx
RemoveFontResourceW
GetFontData
GetLayout
CreateICW
SetBitmapBits
CreateEllipticRgnIndirect
SetViewportExtEx
ExcludeClipRect
GetTextExtentPointA
SetDIBits
ExtFloodFill
TextOutA
GetPaletteEntries
CreateFontIndirectA
TextOutW
SetPaletteEntries
CreateFontW
StretchBlt
EndPath
EndPage
SetBkColor
AddFontResourceW
SelectPalette
CombineRgn
LineTo
RealizePalette
GetTextExtentExPointW
CreateDIBitmap

kernel32

CancelIo
FindFirstFileA
GetExitCodeProcess
CompareFileTime
LocalUnlock
SetTimerQueueTimer
RaiseException
GetUserDefaultUILanguage
GlobalMemoryStatus
EnumResourceNamesA
SetHandleInformation
lstrlenW
LoadLibraryExW
lstrcpyW
GetAtomNameW
FreeResource
Sleep
CreateWaitableTimerW
EnterCriticalSection
CreateNamedPipeA
lstrcmpiW
WaitForSingleObjectEx
FindClose
IsDBCSLeadByte
FindFirstChangeNotificationW
TlsGetValue
GetCommState
lstrcmpA
UnlockFile
GetAtomNameA
LoadLibraryW
CreateDirectoryA
MoveFileA
GetStringTypeExW
GetFileSize
DeleteFileA
GlobalLock
GetVersionExW
FindNextFileA
GetOverlappedResult
GetCompressedFileSizeW
GetCurrentProcess
SetCommTimeouts
RtlUnwind
LoadResource
VerifyVersionInfoW
WaitForSingleObject
MapViewOfFile
InitializeCriticalSection
GetModuleFileNameW
FindNextFileW
IsBadStringPtrW

user32

GetSysColor
MapVirtualKeyA
SendInput
GetActiveWindow
DrawFocusRect
InSendMessage
DrawStateW
EnumThreadWindows
RegisterHotKey
PtInRect
CreateCursor
GetWindowLongW
TabbedTextOutW
EnumWindows
WindowFromPoint
InvalidateRgn
GetMenuItemRect
SetCaretPos
CharToOemBuffA
GetDoubleClickTime
MapVirtualKeyExW
InSendMessageEx
DeferWindowPos
GetNextDlgTabItem
SystemParametersInfoA
CopyImage
FrameRect
SetRectEmpty
GetDlgItem
RegisterWindowMessageW
EnableMenuItem
IsRectEmpty
SetClassLongW
DrawTextExW
GetClientRect
FindWindowW
ShowCursor
SetPropW
WaitMessage
CloseDesktop
CharUpperBuffA
LoadIconW
mouse_event
GetParent
GetMenuStringW
DestroyWindow
CharLowerA
SetLastErrorEx
DestroyIcon
GetDesktopWindow
GetDlgItemTextA
TranslateMessage
CharToOemA
GetClipCursor
DestroyCaret
GetScrollRange
DefFrameProcW
SetScrollInfo
EnumChildWindows
GetUserObjectInformationA
DefDlgProcA
CharPrevA
DispatchMessageA
CascadeWindows
LoadAcceleratorsA
DispatchMessageW
IsWindow
WaitForInputIdle
ShowWindowAsync
SwitchToThisWindow
SetDlgItemInt
RedrawWindow
TileWindows
IsCharLowerA
SetSysColors
GetPropW
GetKeyboardLayoutList
MonitorFromPoint
SetUserObjectInformationW
CheckDlgButton
DialogBoxParamA
DrawIcon
OffsetRect
CopyAcceleratorTableW
MessageBoxExW
GetDlgCtrlID
PostMessageW
DrawTextW
AdjustWindowRect
GetWindowTextA
GetClassInfoW
CreateIconIndirect
IsDialogMessageW
GetDialogBaseUnits
GetSystemMetrics
InsertMenuItemW
SetMenuItemBitmaps
BeginPaint
SetDlgItemTextA
CreateDialogIndirectParamW
CharNextW
IsMenu
IntersectRect
DestroyCursor
AdjustWindowRectEx
CheckRadioButton
GetLastActivePopup
DestroyAcceleratorTable
GetWindowTextLengthW
SetWindowLongA

msvcrt

isspace
wcsncmp
wcschr
wcscmp
iswprint
isprint
getc
_controlfp
sprintf
__set_app_type
__p__fmode
clearerr
__p__commode
ftell
_amsg_exit
system
perror
tolower
putc
fflush
iswxdigit
rand
_initterm
_acmdln
setvbuf
exit
atoi
sscanf
_ismbblead
iswctype
strcoll
strstr
putchar
vswprintf
_XcptFilter
_exit
strerror
floor
_cexit
wcscspn
__setusermatherr
iswspace
wcscoll
wcscat
__getmainargs
strspn

Exports

Exports

?DeleteDateTimeA@@YGKPAGFDD&U
?IsNotDateOld@@YGMPAH&U
?GenerateFunctionA@@YGGPAFH&U
?OnMutantW@@YGPAFKGPAN&U
?SendSystemEx@@YGNM&U
?IsValidVersionExW@@YGPAMFPADPAG&U
?ModifyDataOriginal@@YGXPAKM&U
?ValidateClassA@@YGXH&U
?GenerateDate@@YGPAMGMH_N&U
?DecrementEventW@@YGXJ&U
?FindVersionNew@@YGHPAFJ&U
?GetListA@@YGFDPAD&U
?CloseSectionW@@YGPA_NPAEPAJPAE&U
?CloseEventExA@@YGIJPADPAJE&U
?CancelTimeNew@@YGPANPAKPAGPADE&U
?DeleteFilePath@@YGEFG_NPAD&U
?IsNotHeightW@@YG_NEM&U
?IsTimeEx@@YGPAXDDG&U
?AddProjectA@@YGE_NPAG&U
?GenerateProfileOld@@YGFN&U
?CrtStateW@@YGHJPAGG&U
?CopyStringA@@YGDPAK&U
?RemoveAnchorW@@YGHI&U
?CancelTextOriginal@@YGXJ&U
?SendWidth@@YGPAXIMK&U
?DecrementModuleExA@@YGD_NJK&U
?ValidateNameExA@@YG_NIE&U
?ValidateMonitorExW@@YGPAIPAIM&U
?CloseDataExW@@YGXDPAFEK&U
?InvalidateStateA@@YGJKD&U
?OnKeyNameExW@@YGGFFKPA_N&U
?SendMonitor@@YGEHHPAG&U
?InsertFilePathNew@@YGHPAE&U
?LoadSystemW@@YGIGPAI&U
?CancelSectionNew@@YGEI&U
?CancelProvider@@YGFPAJH&U

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.byte1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byte0
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7af12f88bd31d695a0b2b9b4b2247c7

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 95KB - Virtual size: 95KB

.imp Size: 1KB - Virtual size: 1KB

.exp Size: 1KB - Virtual size: 1KB

.byte1 Size: 512B - Virtual size: 32B

.code Size: 512B - Virtual size: 32B

.byte0 Size: 512B - Virtual size: 44B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 47KB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 95KB - Virtual size: 95KB

.imp
Size: 1KB - Virtual size: 1KB

.exp
Size: 1KB - Virtual size: 1KB

.byte1
Size: 512B - Virtual size: 32B

.code
Size: 512B - Virtual size: 32B

.byte0
Size: 512B - Virtual size: 44B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 47KB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 2KB - Virtual size: 1KB