bd5bffe3ff87cf14eafe3b2c75937518_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bd5bffe3ff87cf14eafe3b2c75937518_JaffaCakes118
Size

147KB
MD5

bd5bffe3ff87cf14eafe3b2c75937518
SHA1

47045709656ee808f7775ecfbcd025c018bb2d2d
SHA256

3c1e37f95c8708170784dfb4ee23f452be1050bf8be1a62460e51747b52dcac5
SHA512

16456e3eae67bda3e54bf2db5b2a0835b4646596fa8a242c19032a5e6f25cb1976eb2d22190540cc0fe9a435cb68e27949b918046889e589fe1ade653d7fbc44
SSDEEP

3072:QMND6UvZHk2Rq+d+UtChevQckwMe44rZDbzTt:D62k21+fOrMHcBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd5bffe3ff87cf14eafe3b2c75937518_JaffaCakes118

Files

bd5bffe3ff87cf14eafe3b2c75937518_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de559323adc443ca2504ffebdc2b52b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\zqWOgAT\luFarJrS\ekqNgqfovhciq\gYKwySRybmDd.pdb

Imports

msvcrt

_controlfp
towupper
__set_app_type
wcsncmp
fread
wcspbrk
__p__fmode
fwrite
tolower
towlower
isxdigit
gmtime
rand
iswctype
isspace
__p__commode
strtoul
_amsg_exit
_initterm
_ismbblead
localtime
fputc
_XcptFilter
strpbrk
fputs
wcstombs
_exit
time
sscanf
ftell
swscanf
strtok
strerror
wcstod
mbtowc
_cexit
__setusermatherr
wcscpy
strncmp
__getmainargs
setlocale
malloc
strtol
calloc
fclose
printf
mktime

user32

RemoveMenu
GetDoubleClickTime
GetForegroundWindow
GetKeyboardType
OffsetRect
LoadCursorW
ShowOwnedPopups
SetWindowLongA
SetScrollPos
GetSysColor
GetMessageW
LoadAcceleratorsW
GetMessageExtraInfo
GetMonitorInfoW
AppendMenuA
EnableMenuItem
HideCaret
SetMenu
SetUserObjectInformationW
GetMenuCheckMarkDimensions
GetKeyboardLayoutNameW
DrawEdge
GetParent
CheckRadioButton
SetCursorPos
ChildWindowFromPoint
RegisterHotKey
OpenDesktopW
RegisterClassW
GetMessageA
PostMessageA
GetMessagePos
SetMenuDefaultItem
MapVirtualKeyA
GetAsyncKeyState
LoadAcceleratorsA
SwitchToThisWindow
ModifyMenuW
GetWindowLongA
CharToOemBuffA
GetScrollPos
IsCharAlphaW
InvalidateRect
InsertMenuItemW
FindWindowExA
IsCharAlphaA
CharUpperA
GetMenuState
GetMessageTime
CharNextExA
IsCharUpperA
SendMessageW
CharLowerBuffW
GetMenuItemCount
GetSystemMetrics
CheckMenuItem
TrackPopupMenu
InSendMessage
VkKeyScanA
ClipCursor
SetScrollRange
FrameRect
CharToOemW
LoadIconA
SetPropW
IsZoomed
GetWindowPlacement
FillRect
TileWindows
keybd_event
SetDlgItemInt
LoadStringW
BringWindowToTop
DestroyWindow
EqualRect
PostQuitMessage
DestroyCaret
LookupIconIdFromDirectory
CreateCaret
SendDlgItemMessageA
MessageBoxW
wsprintfA
GetClassInfoW
GetMenuItemInfoW
DialogBoxParamW
DefFrameProcW
RegisterClassExA
SendDlgItemMessageW
GetClassNameW
LoadImageW
SetActiveWindow
HiliteMenuItem
IsCharAlphaNumericW
DefFrameProcA
GetKeyNameTextW
CharNextW
PostThreadMessageW
DrawStateA
CharNextA
SetWindowPos
DestroyMenu
IsDlgButtonChecked
mouse_event
TranslateAcceleratorA
UpdateWindow
DrawIconEx
ClientToScreen
SendInput
InsertMenuW
DefDlgProcW
LoadBitmapA
CallWindowProcW
ExitWindowsEx
SendMessageTimeoutA
CharPrevA
SetMenuItemInfoW
ScrollWindowEx
InvalidateRgn
TranslateMessage
ToUnicodeEx
ShowCaret

kernel32

GetDateFormatA
ExitThread
IsValidLocale
CallNamedPipeW
WaitForMultipleObjects
SetHandleInformation
MoveFileW
lstrcmpiW
SetEvent
GetComputerNameW
GetStdHandle
lstrcmpW
GetFullPathNameW
GetThreadContext
SetCommState
CreateRemoteThread
OpenFileMappingA
GlobalAddAtomA
GetExitCodeThread
lstrcpyA
WaitForSingleObjectEx
GetSystemDefaultUILanguage
GetAtomNameA
SetCommBreak
LocalFree
GetModuleFileNameA
HeapSize
DeleteCriticalSection
HeapWalk
SetLocalTime
GetTempPathW
SetFileAttributesA
EnterCriticalSection
SetWaitableTimer
CreateMailslotW
GetThreadPriority
FileTimeToSystemTime
RaiseException
SetupComm
IsBadWritePtr
CompareStringA
CreateFileMappingW
SetFilePointer
WaitForSingleObject
GetBinaryTypeW
SetMailslotInfo
GetFileAttributesW
lstrlenA
GetComputerNameExA
lstrcmpA
GetModuleHandleA
FormatMessageW
lstrcpynA
GetProcAddress

comdlg32

ReplaceTextW
FindTextW
ChooseColorW
PrintDlgW
GetOpenFileNameA
CommDlgExtendedError

comctl32

ImageList_Create
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_Read
DestroyPropertySheetPage
ImageList_LoadImageW

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.emnar
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fire
Size: 1KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imper
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wchar
Size: 512B - Virtual size: 335B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de559323adc443ca2504ffebdc2b52b9

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

comdlg32

comctl32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.emnar Size: 512B - Virtual size: 126B

.fire Size: 1KB - Virtual size: 104KB

.data Size: 2KB - Virtual size: 1KB

.imper Size: 6KB - Virtual size: 5KB

.wchar Size: 512B - Virtual size: 335B

.wdata Size: 512B - Virtual size: 192B

.rsrc Size: 113KB - Virtual size: 112KB

.text
Size: 22KB - Virtual size: 22KB

.emnar
Size: 512B - Virtual size: 126B

.fire
Size: 1KB - Virtual size: 104KB

.data
Size: 2KB - Virtual size: 1KB

.imper
Size: 6KB - Virtual size: 5KB

.wchar
Size: 512B - Virtual size: 335B

.wdata
Size: 512B - Virtual size: 192B

.rsrc
Size: 113KB - Virtual size: 112KB