b875f167d50614f072dd44781735a0a8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b875f167d50614f072dd44781735a0a8_JaffaCakes118
Size

171KB
MD5

b875f167d50614f072dd44781735a0a8
SHA1

f3e158063a77e52d24c895b4892d89c9e22b8b95
SHA256

d7faa0dd54a1292e42aa092d4d632efd6116d738cd89341ecf75d1e442405ecc
SHA512

2a941c66639f3c9f04d9b27ec046a3125670e5d254203bd3d1ad8e79a5516540cf7a39f7e1eaca97695a2381cbcb756e8864f483aad7ad2bb689540556dc2b0a
SSDEEP

3072:mUBGr35DOb59DBohBi1OzYfB0sQaNn2x16on1Ov/V+dfw5coPiKkvucdnOlmM:mCK3dej6BtYDQa0D6on1OcF7oPinjOlm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b875f167d50614f072dd44781735a0a8_JaffaCakes118

Files

b875f167d50614f072dd44781735a0a8_JaffaCakes118
.dll windows:5 windows x86 arch:x86

c3fe91049c87f3015815fd80c815351a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

M:\vtZywaaxpnj\nzqyxvRTzjj\ushvuhRFdqijSh.pdb

Imports

msvcrt

wcsrchr
wcscspn
fseek
_controlfp
wcschr
wcstod
__set_app_type
swscanf
__p__fmode
__p__commode
_amsg_exit
rand
putchar
atol
towupper
_initterm
_ismbblead
_XcptFilter
fgets
bsearch
strstr
fputc
exit
_exit
printf
malloc
swprintf
_cexit
strncmp
isdigit
calloc
toupper
system
iswdigit
time
fwrite
wcscoll
wcscat
iswctype
__setusermatherr
__getmainargs
fflush
isprint
strpbrk

kernel32

VirtualFree
LocalReAlloc
HeapUnlock
GetProcAddress
FormatMessageA
SetThreadPriority
DefineDosDeviceW
GetCommTimeouts
FileTimeToSystemTime
QueryPerformanceCounter
CreateThread
lstrlenW
FindResourceA
IsDBCSLeadByte
FileTimeToLocalFileTime
WaitForSingleObjectEx
GetAtomNameW
SetSystemTime
SetThreadAffinityMask
HeapCreate
CreateDirectoryW
GetNumberFormatW
GetSystemTimeAdjustment
OpenFileMappingW
GetUserDefaultLCID
FlushViewOfFile
lstrcmpA
GetModuleFileNameW
ExitThread
EnumResourceNamesW
TryEnterCriticalSection
GetUserDefaultLangID
RaiseException
SetThreadExecutionState
GetSystemDirectoryA
SetFileAttributesW
CreateEventW
TlsSetValue
GetCommandLineA
WaitCommEvent
SetCommBreak
GlobalAddAtomA
OpenFileMappingA
GetModuleHandleExW
FlushFileBuffers
TlsFree
DeleteFileW
SetCommState
CreateNamedPipeW
GetCommState
GlobalAddAtomW

comdlg32

FindTextW
ChooseFontW
CommDlgExtendedError
ChooseColorW

comctl32

ImageList_GetImageCount
CreateToolbarEx
CreatePropertySheetPageA
ImageList_Create
ImageList_AddMasked
ImageList_Write

user32

wvsprintfW
LoadMenuA
CreateDialogIndirectParamW
LoadStringW
GetScrollInfo
SendDlgItemMessageW
ActivateKeyboardLayout
ShowCursor
MessageBoxA
CreateIconFromResource
ShowCaret
SendNotifyMessageW
GetMenuItemRect
CharToOemA
CheckMenuItem
TranslateAcceleratorA
RegisterClassA
SetDlgItemInt
InvertRect
ShowScrollBar
CharToOemBuffA
OffsetRect
GetWindowLongW
FillRect
PostThreadMessageA
LoadCursorA
OemToCharA
MonitorFromRect
BringWindowToTop
ChangeMenuW
GetSubMenu
LoadIconW
CreateMenu
IsIconic
SetCursor
EndPaint
CallWindowProcW
IsRectEmpty
IsCharAlphaNumericW
MessageBoxW
SystemParametersInfoA
RegisterWindowMessageW
CheckDlgButton
GetMenuItemInfoW
SystemParametersInfoW
DrawIconEx
GetWindow
GetUserObjectInformationW
DeleteMenu
DialogBoxIndirectParamW
InternalGetWindowText
IsWindow
SetForegroundWindow
PeekMessageA
SetSysColors
InsertMenuA
GetMenuItemID
KillTimer
CharToOemW
ClientToScreen
MonitorFromPoint
SetWindowRgn
LoadMenuW
GetSystemMetrics
IsWindowVisible
DestroyWindow
CreateDialogParamW
DrawIcon
AppendMenuW
CascadeWindows
GetClassInfoA
PostMessageA
LookupIconIdFromDirectory
FindWindowExW
GetWindowRect
GetWindowDC
UnionRect
RegisterClassW
LoadAcceleratorsA
FindWindowExA
CreateCaret
DestroyIcon
DrawStateA
mouse_event
CopyRect
OpenIcon
SetPropW
GetKeyboardLayout
LoadImageW
LoadIconA
GetScrollRange
SendMessageW
SetRectEmpty
IsDialogMessageA
GetNextDlgTabItem
FindWindowW
IsChild
EnableScrollBar
MapDialogRect
DefFrameProcW
PostMessageW
SetDlgItemTextA
PostQuitMessage
IsWindowUnicode
ClipCursor
GetMessageTime
EnumChildWindows
MessageBoxExW
RemoveMenu

gdi32

PtVisible
GetTextColor
UnrealizeObject
CreateDCW
TranslateCharsetInfo
CreatePenIndirect
StretchBlt
PolyBezier
CreateRectRgnIndirect
SetDIBColorTable
SelectObject
CreateHalftonePalette
SetPaletteEntries
GetTextMetricsA
EndDoc
RectVisible
CreateFontIndirectA
CreateBitmap
CreateDIBitmap
RealizePalette
TextOutA
GetROP2
GetPixelFormat
TextOutW
EnumFontFamiliesW
SelectClipRgn
ScaleViewportExtEx
SetDIBits
GetTextFaceW
GetStockObject
MoveToEx
GetCharWidth32W
ExtFloodFill
CreateICW
IntersectClipRect
GetTextCharsetInfo
CreateFontA
LPtoDP
CreateRoundRectRgn
GetRgnBox
GetCurrentObject
CreateBrushIndirect
SetBkColor
GetObjectA
BeginPath

Exports

Exports

?FindSizeOld@@YGMPADJPAEF<V

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3fe91049c87f3015815fd80c815351a

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

comdlg32

comctl32

user32

gdi32

Exports

Exports

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB