b85e2319042971143ba4818bbabd9871_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b85e2319042971143ba4818bbabd9871_JaffaCakes118
Size

137KB
MD5

b85e2319042971143ba4818bbabd9871
SHA1

a122cf7208fa667c97dc6597ec4054d2f31e9013
SHA256

63b2cc8d01799881c4c55e51a5bdaac07d0bc091d3bbb96983f9279e4f20fa2c
SHA512

ca7e96033454f4271507c419953ba838fc64fcbe0f27532b93f1e3cad744a12cba5abc146fe26dbe4fa2e983575b238ec73a145b5ddff336907ad95c6a158840
SSDEEP

3072:C45s428N/ah4t2JamMVpoEMqOJXjZo8tNJfSKfqbuxf:jLN/ahXarSSOVjtzftSbQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b85e2319042971143ba4818bbabd9871_JaffaCakes118

Files

b85e2319042971143ba4818bbabd9871_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c4b67b30f2c2cad8285c215aea242b0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\hMblnhdBU\cqhvXylKxqwd\uvcFXwI.pdb

Imports

user32

GetKeyState
IsCharAlphaNumericW
wsprintfA
GetDlgCtrlID
DialogBoxParamA
SendMessageW
EnableWindow
SetSysColors
LoadMenuA
RegisterClassExW
GetKeyboardLayout
GetCaretPos
ShowCursor
SetWindowTextA
CreateWindowExW
CreateIconFromResource
DragObject
GetLastActivePopup
GetDoubleClickTime
GetKeyboardType
CopyAcceleratorTableW
GetClassLongA
GetMenuItemInfoW
RegisterClassA
GetDlgItem
SetCursor
DefDlgProcA
SetFocus
RegisterClassW
GetKeyboardLayoutList
LoadIconA
GetClassInfoExA
PostMessageW
GetPropW
DeferWindowPos
GetUpdateRgn
MessageBoxA
MapWindowPoints
CreateCaret
DefWindowProcA
SetUserObjectInformationW
DrawStateW
SetWindowPlacement
LoadBitmapW
SetMenuItemBitmaps
CharToOemBuffA
GetActiveWindow
SetWindowLongW
DrawTextA
EndPaint
ClientToScreen
SetCaretPos
SetMenu
LoadBitmapA
GetDCEx
GetMenuStringA
LoadStringW
ToUnicodeEx
MonitorFromPoint
EnumChildWindows
TrackPopupMenu
CharLowerW
GetFocus
IsWindowEnabled
GetMenuItemID
AdjustWindowRect
InsertMenuW
GetMenuItemRect
OemToCharA
BringWindowToTop
SendNotifyMessageW
DialogBoxParamW
CopyImage
DefDlgProcW
OpenIcon
InternalGetWindowText
ExitWindowsEx
GetAsyncKeyState
ShowScrollBar
GetWindowLongA
LoadAcceleratorsA
FindWindowExA
GetMenuStringW
WindowFromPoint
CharToOemA
CreateDialogParamW
GetMenuItemCount
GetShellWindow
wsprintfW
SetWindowLongA
LockWindowUpdate
GetUserObjectInformationW
CharUpperW
mouse_event
GetScrollRange
ClipCursor
keybd_event
CharPrevW
SetClassLongW
ShowWindowAsync
CheckRadioButton
AppendMenuW
DrawStateA
DestroyCaret
GetForegroundWindow
LoadCursorA
TranslateAcceleratorA
CreateDialogParamA
TranslateMessage
InvalidateRgn
MoveWindow
GetClientRect
SetScrollInfo
CharNextExA
DialogBoxIndirectParamA
CreateAcceleratorTableW
SetScrollPos
ValidateRect
GetKeyNameTextW
DrawIconEx

kernel32

GetAtomNameA
IsDBCSLeadByte
HeapAlloc
SearchPathW
CancelWaitableTimer
ConvertDefaultLocale
FoldStringW
CreateThread
GetNumberFormatA
GetShortPathNameW
DuplicateHandle
DeleteFileW
lstrlenW
TlsGetValue
HeapLock
GetShortPathNameA
SetThreadAffinityMask
CreateSemaphoreW
IsValidLanguageGroup
OutputDebugStringA
GetCommState
SetFileTime
FindResourceA
RegisterWaitForSingleObject
LoadLibraryExW
GetSystemTimeAsFileTime
GlobalSize
FindFirstFileA
LocalAlloc
HeapValidate
VerifyVersionInfoW
GetAtomNameW
CreateSemaphoreA
GetCommTimeouts
lstrcatW
LocalSize
GetProcAddress
GetACP
GetComputerNameA
GetThreadTimes
MoveFileW
GetUserDefaultLCID
LoadLibraryA
SetupComm
GetComputerNameW
ExitThread
AddAtomA
GlobalUnlock
GetTickCount
GetTempPathA
VirtualQuery
lstrcatA
GetModuleHandleA
SetThreadLocale
lstrlenA
LocalFree

shlwapi

StrToIntW

msvcrt

fseek
strncpy
fwrite
isxdigit
sscanf
_controlfp
atoi
__set_app_type
sprintf
__p__fmode
__p__commode
atol
iswspace
wcscoll
floor
free
getenv
fprintf
strerror
strcpy
strchr
remove
_amsg_exit
_initterm
_ismbblead
wcsncpy
tolower
srand
gets
wcscat
strpbrk
wcstol
strstr
_XcptFilter
_exit
_cexit
strtok
mbstowcs
clock
__setusermatherr
fgets
strtol
strncmp
__getmainargs
wcstod
swscanf
strcspn

Exports

Exports

?RedirectOutput@@YGK_KHE:O

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.etab
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.input
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4b67b30f2c2cad8285c215aea242b0d

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.itab Size: 6KB - Virtual size: 5KB

.etab Size: 512B - Virtual size: 85B

.input Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 108KB

.rsrc Size: 104KB - Virtual size: 103KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.itab
Size: 6KB - Virtual size: 5KB

.etab
Size: 512B - Virtual size: 85B

.input
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 108KB

.rsrc
Size: 104KB - Virtual size: 103KB

.reloc
Size: 1KB - Virtual size: 1KB