b8bc8e7587ab1dfa08ac461fa6fb2a92_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8bc8e7587ab1dfa08ac461fa6fb2a92_JaffaCakes118
Size

197KB
MD5

b8bc8e7587ab1dfa08ac461fa6fb2a92
SHA1

49b9bbc6c42031eff9bacd9cb4d24d719e7341b0
SHA256

16704d4b84ad214edffb8f17a4fde5e4a1b3bfbd48de06c9e2f3b97afe859b05
SHA512

1b7c2565f54c1a6f2d216ace6b7f6cfea2de53a90eb18e3412f2396c52c02737fa53325624f39ea05f525d49cedcc1dd654de1af9ec4706fbc02bb0e29c68810
SSDEEP

3072:+HH4K3EF9Or/pFlRvfJSUm9DsAhHyEAebgHtzwut1vORIh5fie69D6dAFu5u:4YK3G9SpFlRJm95hHyESH64ERCon

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8bc8e7587ab1dfa08ac461fa6fb2a92_JaffaCakes118

Files

b8bc8e7587ab1dfa08ac461fa6fb2a92_JaffaCakes118
.exe windows:5 windows x86 arch:x86

69c7bb1020d68e496c1313074b81dce0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\vptMdntb\eDsoTNvkudibqA\JzlvbOpexujMx\zbVaRbD\aJwogetb.pdb

Imports

user32

ExitWindowsEx
DialogBoxParamW
GetMessageTime
HideCaret
ShowCursor
LoadMenuA
DeleteMenu
wvsprintfW
CharPrevW
GetDlgCtrlID
GetSysColor
wsprintfW
SendInput
SetRectEmpty
EnumWindows
GetFocus
FindWindowExA
CharToOemW
GetClientRect
DrawMenuBar
DrawFocusRect
OpenInputDesktop
OpenDesktopW
SetPropW
InvalidateRgn
ReplyMessage
AdjustWindowRectEx
GetUserObjectInformationW
GetMessagePos
SendMessageW
SetScrollRange
AppendMenuA
ShowWindow
DialogBoxParamA
CreateCursor
GetWindowLongA
SetDlgItemTextW
SetScrollPos
InSendMessage
IsDialogMessageA
IsCharAlphaNumericW
DestroyCursor
SetRect
GetKeyState

msvcrt

_controlfp
__set_app_type
atoi
strerror
fseek
printf
__p__fmode
__p__commode
_amsg_exit
wcstok
wcschr
fclose
calloc
_initterm
_acmdln
memset
exit
_ismbblead
fwrite
_XcptFilter
_exit
wcscmp
_cexit
__setusermatherr
getc
fputc
__getmainargs
iswdigit

gdi32

SetTextAlign
CreateDiscardableBitmap
GetPaletteEntries
SetDIBColorTable
GetRgnBox
SelectPalette
CreateICW
GetPixel
FillRgn
ExcludeClipRect
GetTextMetricsW
CreatePalette
PtInRegion
CreateHalftonePalette
SetRectRgn
Escape
GetTextExtentPointW
SetPixel

kernel32

OpenEventW
GetComputerNameW
GlobalGetAtomNameW
LockFile
GetModuleHandleW
RegisterWaitForSingleObject
DuplicateHandle
WaitForMultipleObjectsEx
GetShortPathNameA
lstrcatA
GetVersionExA
OpenEventA
WaitForMultipleObjects
CreateThread
ConnectNamedPipe
QueryDosDeviceW
LCMapStringW
SetCurrentDirectoryA
GetFileAttributesExW
IsValidLanguageGroup
MoveFileA

comctl32

InitCommonControlsEx
CreatePropertySheetPageA
ImageList_Remove
ImageList_Destroy
ImageList_GetIconSize

shlwapi

PathRelativePathToA

Exports

Exports

?AddPenA@@YGPAIJPAFM*Z
?IsNotMessageOriginal@@YGEPAFM_N*Z
?ModifyThreadEx@@YGPAGJEF*Z
?SetTimeNew@@YGNFNH*Z
?RemoveArgumentW@@YGDPADPAGH*Z
?CrtListItemExW@@YGNMKKN*Z
?GetProfile@@YGPAHNPADPAH*Z
?ShowPathExW@@YGJKE*Z
?CallVersionA@@YGPAHKPAFPAI*Z
?ValidateFunctionNew@@YGIPAKPAHPAM*Z
?FormatMutexExA@@YGPAKFE*Z

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dir_e
Size: 512B - Virtual size: 487B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.port_i
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dir_i
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dir_v
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dir_pt
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dir_st
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69c7bb1020d68e496c1313074b81dce0

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

gdi32

kernel32

comctl32

shlwapi

Exports

Exports

Sections

.text Size: 166KB - Virtual size: 166KB

.dir_e Size: 512B - Virtual size: 487B

.port_i Size: 512B - Virtual size: 492B

.dbug Size: 512B - Virtual size: 28B

.dir_i Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 95KB

.dir_v Size: 512B - Virtual size: 140B

.dir_pt Size: 512B - Virtual size: 140B

.dir_st Size: 14KB - Virtual size: 13KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 166KB - Virtual size: 166KB

.dir_e
Size: 512B - Virtual size: 487B

.port_i
Size: 512B - Virtual size: 492B

.dbug
Size: 512B - Virtual size: 28B

.dir_i
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 95KB

.dir_v
Size: 512B - Virtual size: 140B

.dir_pt
Size: 512B - Virtual size: 140B

.dir_st
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB