ba74b47729ad7a83038613894bc809fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba74b47729ad7a83038613894bc809fd_JaffaCakes118
Size

223KB
MD5

ba74b47729ad7a83038613894bc809fd
SHA1

c95c2e109ab8c933b06007d13d515001b890f6e3
SHA256

e1058c6a1adcfa59fa25132d52c18bb69d9ce39d864fad179ee9881a9fe7b689
SHA512

6c393e5b4700dfae608b1d053bd329e3e227903741e67f085f976e6bea9f060b33162853841049e9df50d79376b3327f566a2a82779b3f6ade27e2a3e4c71b36
SSDEEP

3072:jl2nJr7QcPTvQqOxnWkm468r/QDb7B4OPcirSrWph7jEaH3/KdMe0cM23hibZw:jAB7QcTnOxn+n4OPcjrc33SB0cMWiC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba74b47729ad7a83038613894bc809fd_JaffaCakes118

Files

ba74b47729ad7a83038613894bc809fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e4e6f64bff3ce012f6ebfa092cb5db7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\mfFtGYhcvGl\slheAQGJij\VwxPWmR\ftCfqez.pdb

Imports

comctl32

ImageList_Write
ImageList_AddMasked
ImageList_SetIconSize
ImageList_Remove
ImageList_Draw

gdi32

GetTextExtentPoint32A
StretchDIBits
OffsetRgn
DPtoLP
Rectangle
GetROP2
TextOutW
SetDIBits
Escape
CreateCompatibleDC
SetStretchBltMode
SelectClipRgn
CombineRgn
TranslateCharsetInfo
GetViewportOrgEx
SetWindowOrgEx
SetLayout
CreateRectRgnIndirect
GetNearestPaletteIndex
EndPage
SetPixel
RoundRect
PolyBezier
WidenPath
AddFontResourceW
LineDDA
StartDocW
CreatePen
SetBrushOrgEx
SetROP2
ResizePalette
ExcludeClipRect
CreateRectRgn
SelectObject
GetBitmapBits

msvcrt

wcsncpy
clearerr
localtime
vswprintf
isalnum
_controlfp
__set_app_type
ftell
__p__fmode
__p__commode
atoi
_amsg_exit
strpbrk
_initterm
_acmdln
wcsncmp
strchr
perror
realloc
strtok
wcstombs
atol
strstr
fseek
putc
gmtime
exit
_ismbblead
_XcptFilter
_exit
isspace
_cexit
puts
__setusermatherr
strtoul
__getmainargs
getc
iswspace
wcspbrk

kernel32

GetComputerNameW
ReadFile
FindNextChangeNotification
lstrcatA
HeapUnlock
EnumResourceTypesA
WaitForMultipleObjectsEx
GlobalLock
FindCloseChangeNotification
SetCommTimeouts
GlobalMemoryStatusEx
DeleteFileW
HeapLock
GetWindowsDirectoryA
ConvertDefaultLocale
FindResourceW
CreateSemaphoreW
CreateNamedPipeW
AddAtomA
GetCurrentThread
GetVersion
BuildCommDCBAndTimeoutsW
CreateMutexW
FindFirstFileA
SearchPathW
GetComputerNameExW
ResetEvent
GetBinaryTypeA
GetThreadContext
GetDateFormatA
VirtualQuery
GetWindowsDirectoryW
GlobalGetAtomNameA
CreateSemaphoreA
IsBadCodePtr
LeaveCriticalSection
PulseEvent
lstrcpyA
GetThreadLocale
lstrcmpW

user32

EnumThreadWindows
MessageBoxExW
IsCharLowerA
GetAsyncKeyState
GetClassLongW
SetScrollPos
IntersectRect
ToUnicodeEx
GetForegroundWindow
InsertMenuItemW
SetCursor
GetKeyboardLayoutNameW
UnionRect
SendInput
GetSysColorBrush
CreateDialogParamA
SetCursorPos
TranslateMessage
RegisterClassExA
GetClassInfoA
DestroyCursor
ChildWindowFromPoint
InternalGetWindowText
GetUpdateRgn
EndPaint
SendDlgItemMessageW
IsChild
LoadMenuW
GetClipCursor
CreateWindowExA
SendNotifyMessageW
GetUpdateRect
SetScrollRange
DeferWindowPos
MonitorFromRect
CheckDlgButton
DrawAnimatedRects
SetWindowRgn
LoadIconA
TrackPopupMenu
ReleaseDC
keybd_event
CallWindowProcW
GetUserObjectInformationW
CreateWindowExW
CharLowerBuffW
GrayStringW
TrackPopupMenuEx
DestroyAcceleratorTable
DestroyWindow
BeginDeferWindowPos
AllowSetForegroundWindow
RegisterHotKey
EnumChildWindows
GetScrollInfo
GetKeyNameTextW
IsWindowUnicode
GetWindowTextLengthW
GetWindowRect
DestroyIcon
GetMenuItemInfoW
GetMessageTime
SetSysColors
RemovePropW
LoadStringA
ActivateKeyboardLayout
AppendMenuA
DrawStateA
PeekMessageW
InvalidateRgn
GetDlgCtrlID
ModifyMenuW
SetClassLongW
GetNextDlgTabItem
GetCursorPos
WaitForInputIdle
IsRectEmpty
KillTimer
MessageBoxW
IsDialogMessageA
SetWindowLongW
GetDlgItem
DragObject
WindowFromPoint
EqualRect
UnloadKeyboardLayout

comdlg32

ChooseColorW
PageSetupDlgW
FindTextW
ReplaceTextW

Exports

Exports

?ReleaseSemaphoreQWiieiuIUDf@@YGKEPA_WG@Z
?ReleaseSemaphoreUDIOijlkdLI@@YGKEPA_WG@Z
?ReleaseSemaphoreUDSuJDJKDOIUD@@YGKEPA_WG@Z
?ReleaseSemaphoreUkudkKJDiu@@YGKEPA_WG@Z

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4e6f64bff3ce012f6ebfa092cb5db7e

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

msvcrt

kernel32

user32

comdlg32

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 88KB

.data Size: 129KB - Virtual size: 128KB

.rdata Size: 1KB - Virtual size: 62KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 89KB - Virtual size: 88KB

.data
Size: 129KB - Virtual size: 128KB

.rdata
Size: 1KB - Virtual size: 62KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB