be52665a27d30a16c230d67afcda6fc9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be52665a27d30a16c230d67afcda6fc9_JaffaCakes118
Size

176KB
MD5

be52665a27d30a16c230d67afcda6fc9
SHA1

c7cf287247423e6b88a4eff46131c3526756f511
SHA256

f4899bca0a6a2113354c029aa14eb4034054c3aedf1bfa3246966e3137c6cc96
SHA512

b474da403a8e42fb6560faa94643cfe4fc11ed3a7a7f1b02a8418f1f7a76956a357c80add75078dca26acdc35096836621bc4804378ae6bf93b2d69b9b809d13
SSDEEP

3072:3odO68me8Eq4vrf6ZeMK548asVJNTV+4T4HnInNS/jLuemrrW:I8me85ahnNhrTankS/j+rr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be52665a27d30a16c230d67afcda6fc9_JaffaCakes118

Files

be52665a27d30a16c230d67afcda6fc9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cf0ea29093f43fc7f73e8d70af5397f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\thpziml\BizMWKDjloOs\WPdwXXuxrishgl\LrfwjeBx\fkPyZCyxr.pdb

Imports

user32

CreateCaret
SwitchToThisWindow
LoadIconA
ShowWindow
CharLowerBuffW
SetWindowLongW
GetClassInfoW
GetKeyState
VkKeyScanA
LoadStringW
DefWindowProcA
CheckDlgButton
EndPaint
DeferWindowPos
CloseDesktop
SetCaretPos
EnumChildWindows
WaitMessage
GetMenu
PostMessageW
LockWindowUpdate
GetClientRect
KillTimer
CascadeWindows
SendDlgItemMessageA
keybd_event
HiliteMenuItem
CharNextW
CheckRadioButton
SetMenuItemInfoW
FillRect
GetScrollPos
PostQuitMessage
GrayStringW
CharToOemW
GetClassNameW
DefWindowProcW
WindowFromPoint
GetMenuItemID
DragObject
GetDlgItemTextW
SendNotifyMessageW
FrameRect
SetWindowTextA
GetWindowTextLengthW
GetClassInfoA
GetMessageA
GetKeyboardLayoutList
CreateIconIndirect
SetPropW
ReplyMessage
RegisterClassExW
InflateRect
CreateMenu
BringWindowToTop
GetUpdateRgn
GetLastActivePopup
SetRectEmpty
RegisterHotKey
GetMenuStringA
IsWindowEnabled
SetForegroundWindow
RegisterClassW
CharUpperA
GetClipCursor
GetWindowPlacement
SetMenuDefaultItem
DrawTextExW
DefDlgProcA
IsCharAlphaW
WaitForInputIdle
SetUserObjectInformationW
DestroyAcceleratorTable
FindWindowW
GetMessageW
SetTimer
ShowCursor
IsCharAlphaA
IsDialogMessageW
RegisterClassA
GetUserObjectInformationW
IsChild
CharNextExA
GetClassInfoExW
IsDialogMessageA
CopyImage
wvsprintfW
OpenIcon
GetForegroundWindow
ExitWindowsEx
SetDlgItemTextW
GetKeyboardLayout
GetKeyboardLayoutNameW
GetNextDlgGroupItem
PeekMessageA
SetWindowLongA
IsIconic
OffsetRect
ChangeMenuW
GetMenuState
InvertRect
RegisterClassExA
UpdateWindow
SystemParametersInfoA
GetMessageTime
ScrollWindowEx
GetDoubleClickTime
AppendMenuA
AdjustWindowRect
GetTopWindow
SetMenu
FindWindowExA
ClipCursor
MessageBoxA
CharLowerA
LookupIconIdFromDirectory
SetScrollRange
RemoveMenu
CallWindowProcA
GetClassLongW

msvcrt

strcspn
_controlfp
qsort
clearerr
__set_app_type
ungetc
fwrite
iswspace
floor
iswprint
strcoll
strncpy
iswxdigit
wcsstr
__p__fmode
setvbuf
sprintf
__p__commode
fgets
_amsg_exit
gmtime
wcslen
_initterm
_ismbblead
_XcptFilter
ftell
wcschr
sscanf
_exit
wcscat
isalnum
isprint
fprintf
_cexit
__setusermatherr
iswalpha
islower
fflush
fseek
wcsrchr
__getmainargs
bsearch
wcstok
printf
wcscspn
fread
getenv

comdlg32

ChooseColorW
PageSetupDlgW
FindTextW
GetOpenFileNameW
PrintDlgW

kernel32

GetDateFormatW
GetTimeZoneInformation
HeapAlloc
CompareStringA
lstrlenA
UnmapViewOfFile
GetVersion
GlobalAddAtomA
SetThreadAffinityMask
GlobalReAlloc
CreateFileA
GetModuleHandleA
GetAtomNameW
GlobalAlloc
WaitCommEvent
IsValidLocale
WaitForMultipleObjects
IsDBCSLeadByte
LocalSize
SetCurrentDirectoryW
ReleaseSemaphore
GetModuleHandleW
PulseEvent
GetCommConfig
GetPriorityClass
UnlockFile
HeapWalk
CreateFileMappingA
SystemTimeToFileTime
GetCurrentThread
FindResourceA
SetFileAttributesW
GetAtomNameA
GetCompressedFileSizeW
GlobalDeleteAtom
GetExitCodeThread
QueryPerformanceCounter
DeleteFileW
GetLocaleInfoW
SetEvent
RemoveDirectoryW
RaiseException
FreeResource
SetupComm
FindResourceW
GetTempFileNameW
GetStringTypeExW
CreateNamedPipeA
SetCommMask
GetModuleFileNameA
GetFileInformationByHandle
TlsFree
lstrcmpW
EnumResourceLanguagesA
GetUserDefaultLangID

comctl32

ImageList_Draw
InitCommonControlsEx
PropertySheetA
ImageList_Read
ImageList_ReplaceIcon
ImageList_GetIcon

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.emnar
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fire
Size: 1KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imper
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wchar
Size: 1024B - Virtual size: 707B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf0ea29093f43fc7f73e8d70af5397f7

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

comdlg32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.emnar Size: 512B - Virtual size: 126B

.fire Size: 1KB - Virtual size: 187KB

.data Size: 2KB - Virtual size: 1KB

.imper Size: 6KB - Virtual size: 5KB

.wchar Size: 1024B - Virtual size: 707B

.wdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 141KB - Virtual size: 140KB

.text
Size: 22KB - Virtual size: 21KB

.emnar
Size: 512B - Virtual size: 126B

.fire
Size: 1KB - Virtual size: 187KB

.data
Size: 2KB - Virtual size: 1KB

.imper
Size: 6KB - Virtual size: 5KB

.wchar
Size: 1024B - Virtual size: 707B

.wdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 141KB - Virtual size: 140KB