c19ef53d4956e3893cf707b33b3279cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c19ef53d4956e3893cf707b33b3279cc_JaffaCakes118
Size

177KB
MD5

c19ef53d4956e3893cf707b33b3279cc
SHA1

0e21d62f34677ed0ec53f0813b9f67337d595f70
SHA256

c3abfadbfae5fe0f131be5dff6d55a457f6666693d80e42bd65bda1873e7450b
SHA512

960690e81fb0ea426b2bd31985a2f84f779e89a2b90272868e5ef9c2b331e0070452fe1f59bba0d2a1599e4a252ff420d602e377f3524ec45e13ada4675c512c
SSDEEP

3072:enjq26VxDpRZyotqw5f32H2zBkEpZGpfFpEKJkqvhHS0iRISSvnPIgS:eu2eXKIP2HoBAfkKFS02IxP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c19ef53d4956e3893cf707b33b3279cc_JaffaCakes118

Files

c19ef53d4956e3893cf707b33b3279cc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5fff602c68fc99cf956107eaf8e804d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\exgdnHqopoa\FpzxxCbCxf\QaqtKim\GyfyRrmxn.pdb

Imports

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_LoadImageW
ImageList_GetIcon
CreatePropertySheetPageW
ImageList_Remove

msvcrt

strerror
_controlfp
iswdigit
__set_app_type
wcstok
__p__fmode
__p__commode
_amsg_exit
strtoul
perror
iswspace
wcsncmp
_initterm
swscanf
qsort
fgets
isalnum
strcoll
fseek
wcstombs
_ismbblead
wcscat
towlower
_XcptFilter
malloc
strtok
_exit
mbstowcs
iswprint
ftell
wcsstr
_cexit
bsearch
srand
__setusermatherr
clearerr
setlocale
iswalpha
strcspn
calloc
localtime
wcstod
__getmainargs
wcsrchr
fputc
atol
fread

kernel32

GetTimeFormatA
ResumeThread
EnumResourceNamesA
CreateFileA
UnmapViewOfFile
GetSystemDirectoryA
DuplicateHandle
GetVersionExW
GetModuleHandleA
GetFileAttributesW
GetComputerNameA
FindResourceW
GetExitCodeThread
IsBadWritePtr
IsBadCodePtr
CreatePipe
WaitForSingleObjectEx
CreateFileMappingA
GetVersionExA
GetACP
GlobalAddAtomA
TlsFree
SetThreadLocale
TlsSetValue
LoadLibraryExW
GetSystemDefaultLangID
GetTempPathA
CloseHandle
GetCommandLineW
FileTimeToDosDateTime
DefineDosDeviceW
EscapeCommFunction
OpenEventW
CompareStringW
GetSystemWindowsDirectoryW
GlobalAlloc
CompareStringA
GetCurrentThreadId
SetCommBreak
ConvertDefaultLocale
GetShortPathNameA
HeapAlloc
GetModuleFileNameA
SuspendThread
HeapLock
GetThreadContext
CreateMailslotW
QueryDosDeviceW
LeaveCriticalSection
SetHandleInformation
DeleteFileA
CancelIo
lstrlenA
FreeLibrary

shlwapi

UrlGetPartA

user32

RemoveMenu
GetActiveWindow
ModifyMenuW
MapVirtualKeyW
GetUpdateRgn
MessageBoxA
DefWindowProcW
IsCharUpperA
AppendMenuW
CreateDialogIndirectParamW
LoadBitmapW
ShowOwnedPopups
SetForegroundWindow
LoadMenuA
GetCaretPos
SetDlgItemInt
CheckDlgButton
RegisterHotKey
CharUpperBuffA
IsCharLowerA
SetPropW
GetWindowRect
SystemParametersInfoW
SetMenu
mouse_event
DrawTextW
ToUnicodeEx
GetDCEx
LoadImageW
CheckRadioButton
GetParent
CheckMenuItem
RedrawWindow
wsprintfW
GetMessageExtraInfo
CreateIconIndirect
CallWindowProcW
PostMessageW
MapVirtualKeyA
ShowWindowAsync
CreatePopupMenu
GetSysColor
ShowCaret
PostThreadMessageW
SetMenuDefaultItem
SetUserObjectInformationW
GetSubMenu
GrayStringW
WaitForInputIdle
GetDlgItem
SetMenuItemBitmaps
EqualRect
EnumChildWindows
PeekMessageA
GetMenuItemCount
KillTimer
AdjustWindowRectEx
MessageBoxExA
GetCursorPos
BeginPaint
LoadCursorW
GetWindowLongA
AttachThreadInput
GetMonitorInfoW
CreateDialogParamA
CharNextA
CreateAcceleratorTableW
IsCharAlphaNumericW
DrawStateW
CreateIconFromResource
UnloadKeyboardLayout
DestroyCursor
LoadImageA
DialogBoxIndirectParamA
GetTopWindow
GetClassNameW
TileWindows
InSendMessageEx
GetKeyboardLayout
MessageBoxW
GetClassInfoW
IsWindowEnabled
GetMenuItemID
ShowWindow
IsDialogMessageW
IntersectRect
ChildWindowFromPoint
InsertMenuItemW
OemToCharA
FrameRect
GetMenuStringW
IsCharAlphaA
FindWindowW
DrawFocusRect
DispatchMessageW
SendInput
ArrangeIconicWindows
DrawFrameControl
ChildWindowFromPointEx
WindowFromPoint
LockWindowUpdate
GetWindowPlacement
GetKeyboardLayoutNameW
LoadAcceleratorsW
GetShellWindow
GetDoubleClickTime
ScrollWindow
CopyImage
CharNextExA
CharNextW
DestroyWindow
GetUpdateRect
TranslateAcceleratorA
LoadAcceleratorsA
LoadIconA
GetClipCursor
GetMessageTime
SetDlgItemTextA
GetKeyState
GetMessageW

comdlg32

FindTextW
PrintDlgW
GetOpenFileNameA
GetOpenFileNameW
ChooseFontW

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cexp
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.regs
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.citab
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.$dbug
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lime
Size: 512B - Virtual size: 447B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fff602c68fc99cf956107eaf8e804d3

Headers

File Characteristics

PDB Paths

Imports

comctl32

msvcrt

kernel32

shlwapi

user32

comdlg32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.cexp Size: 512B - Virtual size: 91B

.regs Size: 1KB - Virtual size: 1KB

.citab Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 182KB

.$dbug Size: 512B - Virtual size: 100B

.lime Size: 512B - Virtual size: 447B

.tdat Size: 1KB - Virtual size: 1KB

.rsrc Size: 140KB - Virtual size: 139KB

.text
Size: 24KB - Virtual size: 23KB

.cexp
Size: 512B - Virtual size: 91B

.regs
Size: 1KB - Virtual size: 1KB

.citab
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 182KB

.$dbug
Size: 512B - Virtual size: 100B

.lime
Size: 512B - Virtual size: 447B

.tdat
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 140KB - Virtual size: 139KB