bbbaaba0291d92f82dd1068c999f148a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bbbaaba0291d92f82dd1068c999f148a_JaffaCakes118
Size

221KB
MD5

bbbaaba0291d92f82dd1068c999f148a
SHA1

cbf35d3a13112fad6d3da95f228e5fb220f8e612
SHA256

f02ccf3177c4d7c148ec636335872acada811842d4591480f230b816ffdcf2ec
SHA512

8ccaae022ae9e6f3a4d234148bd7199927636bef12048345bc0e1fd4d837d052585bf8e82d2a483d038d3fd0767295944d3bac99327a02fff336e3e84f082912
SSDEEP

6144:ELqw6uxEFtp3fr3OvpD1UeSJRQcVx+T2JqLDk7O:fw6Iitpz3O/kVx+SgM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbbaaba0291d92f82dd1068c999f148a_JaffaCakes118

Files

bbbaaba0291d92f82dd1068c999f148a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

67c5858d3e534ef91589ec284a251055

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\vWgzEyuiUqxRj\cJRhelsudx\csAEieK\IpXiBRXykMbyX\feerzyeQB.pdb

Imports

comdlg32

GetOpenFileNameW
FindTextW
CommDlgExtendedError
PrintDlgExW
GetOpenFileNameA

gdi32

DPtoLP
SetMapMode
CreatePatternBrush
GetNearestColor
RemoveFontResourceW
ExcludeClipRect
EndDoc
EnumFontFamiliesExW
GetBkMode
UnrealizeObject
CreateRectRgnIndirect
GetWindowOrgEx
TextOutW
LineDDA
CreateFontA
GetBitmapBits
SetViewportOrgEx
GetTextExtentPointW
CreateDCW
CreateEllipticRgnIndirect
GetPaletteEntries
CreateCompatibleDC
OffsetRgn
GetNearestPaletteIndex
CreateDIBitmap
GetDIBColorTable
SetViewportExtEx
GetRgnBox
TranslateCharsetInfo
CreateFontW
GetTextMetricsW
PatBlt
SetBrushOrgEx
GetTextFaceW
Ellipse
SetBitmapBits
GetPixel
Polyline
GetTextExtentPoint32W
OffsetViewportOrgEx
CreateICW
StretchDIBits
PtInRegion
AddFontResourceW
CreateBrushIndirect
ExtFloodFill
ScaleViewportExtEx

user32

LoadBitmapA
CharUpperA
DrawFrameControl
AttachThreadInput
ShowScrollBar
RegisterClassExW
IntersectRect
DestroyAcceleratorTable
ReleaseDC
MessageBoxExW
CharUpperBuffA
CharPrevW
GetActiveWindow
SetMenuItemInfoW
GetSystemMetrics
LockWindowUpdate
SetMenu
BeginPaint
CallWindowProcA
ShowCaret
LoadAcceleratorsW
GetScrollRange
SetActiveWindow
GetWindowPlacement
SendNotifyMessageW
ShowWindowAsync
DestroyWindow
LoadCursorA
GetKeyboardType
SetWindowLongA
GetFocus
CreateWindowExA
SetLastErrorEx
ModifyMenuW
GetDoubleClickTime
CharLowerA
WindowFromPoint
RegisterWindowMessageW
AllowSetForegroundWindow
ShowCursor
AppendMenuA
wvsprintfW
GetPropW
GetDCEx
GetUpdateRect
SetPropW
DeleteMenu
LoadAcceleratorsA
EqualRect
SendMessageA
CharUpperBuffW
FillRect
GrayStringW
mouse_event
EnableWindow
GetKeyboardLayoutList
BeginDeferWindowPos
AdjustWindowRect
DestroyIcon
CreateDialogParamW
RegisterClassW
SetDlgItemInt
MonitorFromPoint
TranslateMessage
OpenInputDesktop
IsChild
MessageBoxW
SetWindowPlacement
IsWindowEnabled
GetDlgItem
InsertMenuW
GetSysColorBrush
GetClassNameW
keybd_event
CheckRadioButton
DrawStateA
FindWindowExA
TrackPopupMenuEx
LoadImageA
ReplyMessage
LoadBitmapW
CharNextExA
SetDlgItemTextW
GetClassLongA
GetNextDlgTabItem
DispatchMessageA
FindWindowExW
IsIconic
DrawEdge
InternalGetWindowText
DeferWindowPos
SwitchToThisWindow
GetKeyNameTextW
SwapMouseButton
DrawIconEx
DrawMenuBar
CreateAcceleratorTableW
DrawTextExW
GetClassInfoA
EndTask
SetUserObjectInformationW
EndDialog
MapVirtualKeyW
TranslateAcceleratorW
IsZoomed
BringWindowToTop
InflateRect
SetCursorPos
DestroyCursor
IsCharLowerA
SetScrollPos

msvcrt

getc
wcscat
_controlfp
rand
__set_app_type
sprintf
printf
isspace
__p__fmode
time
__p__commode
strtol
_amsg_exit
isalnum
_initterm
wcscspn
_acmdln
wcscoll
srand
fwrite
strcoll
fprintf
exit
isxdigit
gmtime
vswprintf
_ismbblead
fseek
bsearch
_XcptFilter
_exit
mbstowcs
strncmp
iswalpha
isupper
strpbrk
wcsncpy
swprintf
_cexit
iswprint
wcstod
__setusermatherr
towupper
vsprintf
ungetc
__getmainargs

kernel32

lstrlenA
CreateFileA
WriteFile
SetSystemTime
SetCommState
FileTimeToLocalFileTime
GetThreadPriority
GetLocaleInfoW
GetCurrentProcessId
SetEvent
SetCommTimeouts
ExitThread
GetCommandLineW
OpenProcess
GetShortPathNameW
OpenFile
GetFileAttributesExA
GetLocalTime
GlobalReAlloc
HeapFree
TerminateThread
CreateDirectoryA
LoadLibraryExA
GetFileInformationByHandle
RegisterWaitForSingleObject
DeleteFileW
UnmapViewOfFile
GetCurrentDirectoryW
GlobalCompact
FindFirstFileW
VerifyVersionInfoW
CreateWaitableTimerW
GetSystemWindowsDirectoryW
SleepEx
RemoveDirectoryW
ClearCommError
GlobalLock
EnumResourceNamesA
SetFileAttributesA
CreateMutexW
GetExitCodeProcess
TlsGetValue
lstrcmpW
VerSetConditionMask
GetOverlappedResult
GetTimeZoneInformation
GlobalFindAtomW
GetSystemWindowsDirectoryA
GetModuleHandleA
GetCommConfig
GetAtomNameW
ReadConsoleInputW
DeleteCriticalSection
ReleaseSemaphore
GetNumberFormatW

Exports

Exports

?InvalidateKeyboardNew@@YGM_NPAIPAEH&U
?CloseFunctionOld@@YGPAXPAGPAF&U
?SendCommandLineExW@@YGPAXIPAI&U
?GlobalHeaderW@@YGPAXHPAE&U
?ConfigEx@@YGIF&U
?PutDirectoryExA@@YGPAHFDK&U
?KillPathNew@@YGNPAKGPA_N&U
?RtlMutex@@YGEFGE&U
?RemoveArgumentExW@@YGPAJKD&U
?GlobalClassExA@@YGPAKPAEPAMIM&U
?FreeDialogA@@YGPAXMPAMPAG&U
?RemoveTimeEx@@YGPAXPAMPAH&U
?GlobalPointW@@YGPAGE&U
?LoadKeyboardNew@@YGPAJK&U
?ShowPointNew@@YGNPAHPAIH&U
?CallHeightNew@@YGJI&U
?CloseDirectoryExW@@YGPA_NJF&U
?HideListItemOriginal@@YGPAIPAJJ&U
?CallStateNew@@YGPA_NIH&U
?CloseFolderPathA@@YGKJPADPAD&U
?ValueA@@YGPAHGE&U
?CopyValueEx@@YGPAXPAMPAM&U
?GlobalMutantW@@YGKIPAJ&U
?FolderA@@YGPADJD&U
?ValidateTaskOriginal@@YGGPADGE&U
?ShowSystemOld@@YGPAJPAJF&U
?GenerateMemoryExW@@YGGDPAH&U
?SetKeyboardExA@@YGFGNNJ&U
?PutKeyboardEx@@YGPAJ_N&U
?CrtFunctionOld@@YGMPAEIPADPAM&U
?CancelComponentA@@YGMKF_N&U
?IsValidCharExA@@YGPAXGMDE&U
?RemoveWindowEx@@YGPAED&U
?DecrementPointerW@@YGGPAG&U

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bitdat2
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 829B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67c5858d3e534ef91589ec284a251055

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 192KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bitdat2 Size: 512B - Virtual size: 32B

.bitdat0 Size: 5KB - Virtual size: 5KB

.bitdat1 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 829B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 192KB - Virtual size: 192KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bitdat2
Size: 512B - Virtual size: 32B

.bitdat0
Size: 5KB - Virtual size: 5KB

.bitdat1
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 829B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB