ba65c8a4f16969465a5b11137aca884e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ba65c8a4f16969465a5b11137aca884e_JaffaCakes118
Size

206KB
MD5

ba65c8a4f16969465a5b11137aca884e
SHA1

f4064e93eb02d748a9aa5031fb1a0f9602ef1ab4
SHA256

238a3fec331af1e7ef2db4dac68d05e28eaa6236f88d02caf47fb0c7c8392514
SHA512

405a7537f0f03fec94298dfe5ad048b39ed1d943ddb8b2bc689ebc33b9117f0bd453f90b78b2cf5c854e7af1a15dac35d3d577d03b0cc574dd35b80c53b0349d
SSDEEP

3072:r8pIZRtf4rG+g+H45EoTLZ19grIkrtT8YBKBJvgsZaSUc8Y6YqJxabBFZG:r5XQy+miA9grIkZgYBKvvvZME68bBFM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba65c8a4f16969465a5b11137aca884e_JaffaCakes118

Files

ba65c8a4f16969465a5b11137aca884e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6621b835561a627389e22b3a321633d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\xXmcfvgzt\EFJbjgah\jwlbdhpabwe.pdb

Imports

user32

RegisterClassW
GetScrollPos
LoadBitmapA
ClipCursor
SetMenuDefaultItem
SetSysColors
IsWindowVisible
GetWindow
IsWindowEnabled
OpenIcon
LoadCursorA
TranslateAcceleratorW
CreatePopupMenu
CharUpperA
IsWindowUnicode
GetMessageExtraInfo
CloseDesktop
OpenInputDesktop
SystemParametersInfoA
SetMenuItemInfoW
ReleaseDC
InvalidateRect
SwitchToThisWindow
KillTimer
keybd_event
CheckRadioButton
IsRectEmpty
IsCharAlphaNumericW
DrawMenuBar
TabbedTextOutW
GetDCEx
SetWindowRgn
DestroyAcceleratorTable
SetPropW
PtInRect
SetUserObjectInformationW
PeekMessageA
CharToOemW
InflateRect
DrawIcon
DrawFrameControl
GetNextDlgGroupItem
SendInput
DefFrameProcA
DefWindowProcA
DialogBoxParamA
RegisterClassA
CopyAcceleratorTableW
GetSystemMenu
DrawStateW
FindWindowA
CreateWindowExA
EnableWindow
CharUpperW
RegisterHotKey
AdjustWindowRectEx
MessageBoxW
MessageBoxExA
GetTopWindow
SetMenu
FindWindowExA
LoadMenuA
MessageBoxA
EqualRect
ToUnicodeEx
GetWindowTextLengthW
TileWindows
GetClipCursor
MapDialogRect
LoadStringA
HiliteMenuItem
GetMenuItemCount
LookupIconIdFromDirectory
IntersectRect
GetDoubleClickTime
GetKeyboardType
GetAsyncKeyState
CharLowerBuffW
DialogBoxParamW
CharLowerW
ChangeMenuW
LockWindowUpdate
IsWindow
MapVirtualKeyExW
SetRectEmpty
GetClassLongA
MapWindowPoints
TranslateAcceleratorA
CheckMenuRadioItem
SetScrollInfo
AllowSetForegroundWindow
DispatchMessageA
CharNextW
FrameRect
OffsetRect
InvalidateRgn
SetForegroundWindow
SetActiveWindow
IsChild
UnloadKeyboardLayout
IsIconic
GetMenuStringA
LoadMenuW
RegisterWindowMessageW
SetCursor
GetMessageW
GetForegroundWindow
CreateDialogParamW
GetClassLongW

kernel32

RemoveDirectoryW
LeaveCriticalSection
SetFileAttributesW
VirtualQuery
HeapCreate
SetCurrentDirectoryA
OpenEventA
lstrlenA
GetThreadLocale
UnhandledExceptionFilter
VirtualFree
GetComputerNameA
CreateEventW
CancelIo
UnmapViewOfFile
Sleep
GetLastError
GetProcAddress
FreeLibrary
GetDateFormatA
GetTimeFormatA
VerifyVersionInfoW
GlobalReAlloc
CreateMailslotW
SetCommTimeouts
GetSystemTime
GetSystemDirectoryW
IsBadReadPtr
HeapAlloc
EnumResourceTypesA
LoadLibraryExA
CompareStringA
SetErrorMode
CreateRemoteThread
GlobalFlags
WaitForSingleObject
GetNumberFormatW
WideCharToMultiByte
GetSystemDefaultUILanguage
GetWindowsDirectoryW
AddAtomA
ClearCommError
lstrcmpiA
SetThreadContext
CreateWaitableTimerA
lstrcmpiW
CreateFileW
SizeofResource
LoadLibraryW
GetACP
LockFile

comdlg32

ChooseFontW
PrintDlgW
GetOpenFileNameW
FindTextW

msvcrt

_controlfp
__set_app_type
__p__fmode
fgetc
__p__commode
mbstowcs
_amsg_exit
fseek
_initterm
wcstok
isalnum
time
wcscat
strcpy
strcoll
wcstombs
clearerr
strcspn
strchr
swscanf
_ismbblead
qsort
towlower
malloc
system
wcspbrk
vswprintf
_XcptFilter
vsprintf
fputc
localtime
fflush
wcschr
_exit
calloc
setvbuf
isprint
ungetc
wcstoul
_cexit
bsearch
__setusermatherr
__getmainargs
putchar

comctl32

InitCommonControlsEx
ImageList_LoadImageW
CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_GetIcon

gdi32

EnumFontFamiliesExW
SetDIBColorTable
ExtTextOutW
CreateICW
CombineRgn
DeleteDC
GetDeviceCaps
GetBitmapBits
SaveDC
BeginPath
GetTextExtentPoint32A
CreatePolygonRgn
CreateDIBitmap
DeleteObject
GetPixel
CreateBrushIndirect
GetTextMetricsA
CreateBitmap
SetBitmapDimensionEx
CreateFontIndirectA
SelectPalette
RoundRect
CreateSolidBrush
GetCurrentObject
CreateRectRgn
SetAbortProc
SelectClipRgn
CreateFontW
EnumFontsW
GetFontData
MoveToEx
GetPaletteEntries
TextOutW
SetBitmapBits
PatBlt
OffsetViewportOrgEx
FillRgn
CreateEllipticRgnIndirect
GetTextExtentPointW
ResizePalette
SetBrushOrgEx
OffsetRgn
TextOutA
RealizePalette

shlwapi

PathFindExtensionA

Exports

Exports

?GenerateState@@YGPAJPAFHMPAF<V

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6621b835561a627389e22b3a321633d8

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comdlg32

msvcrt

comctl32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.data Size: 134KB - Virtual size: 199KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 67KB

.data
Size: 134KB - Virtual size: 199KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB