c27c4922acdb86d4f7153e4af47ba293_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c27c4922acdb86d4f7153e4af47ba293_JaffaCakes118
Size

61KB
MD5

c27c4922acdb86d4f7153e4af47ba293
SHA1

d6f972cc45b64c3fdfd3730f8711b0aac9cf0b36
SHA256

49ab9eaad75b10569f9d61b0745001fc9fac4f3c3d3d52af3601622681a389c2
SHA512

17584ab4e690f2298df40472daa7e04fe4a5a2812223c22d6810e5f63d970af43b9d145b7aec8a558f51c83c564943711c60491f3385dd7d4dc1678db903dd3e
SSDEEP

1536:cr5lUN64sXxDx+OqHhZKJHPE8Tlx5UtV+zg6aAcv:ce6VxD0ZKO8TI+z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c27c4922acdb86d4f7153e4af47ba293_JaffaCakes118

Files

c27c4922acdb86d4f7153e4af47ba293_JaffaCakes118
.exe windows:5 windows x86 arch:x86

11c746cc2131c8aaa588b3606476d0f3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\qmleuzqjmyskuk\mrrjPoy\gxWNnQQha\HJhElEjm.pdb

Imports

kernel32

GetModuleFileNameA
HeapWalk
lstrcmpiW
FormatMessageA
lstrlenA
VirtualProtect
lstrcmpW
CreateDirectoryA
EnterCriticalSection
DeleteFileW
SetUnhandledExceptionFilter
CancelIo
CreateNamedPipeW
DefineDosDeviceW
GetLocaleInfoW
GetCommandLineW
MulDiv
GlobalUnlock
GetModuleHandleA
LoadResource
GetHandleInformation
SetThreadAffinityMask
GetModuleHandleW
CreateFileMappingA
GetCommState
SetCommBreak
CopyFileA
SearchPathW
LeaveCriticalSection
SetMailslotInfo
GlobalMemoryStatus
UnlockFile
SizeofResource
DeleteCriticalSection
SetSystemTime
SetNamedPipeHandleState
AddAtomA
FlushViewOfFile
GetLastError
SetCommMask

msvcrt

time
system
strtok
_controlfp
wcsncmp
__set_app_type
wcstoul
__p__fmode
atol
__p__commode
_amsg_exit
gets
_initterm
_ismbblead
_XcptFilter
fprintf
rand
strstr
_exit
wcscat
ungetc
localtime
atoi
_cexit
wcstok
isalnum
vswprintf
fputs
sscanf
wcsstr
__setusermatherr
strtoul
iswspace
fclose
getenv
__getmainargs

shlwapi

UrlGetLocationA

user32

SwitchToThisWindow
InSendMessage
DestroyCursor
GetWindowTextA
GetSysColor
GetMessageA
ShowWindow
GetClassInfoA
GrayStringW
SetWindowPlacement
DrawTextExW
IsWindowVisible
GetMessagePos
DestroyMenu
GetCaretPos
WindowFromPoint
DrawIcon
GetDlgItemTextW
MessageBoxA
DrawFrameControl
CharUpperBuffA
SystemParametersInfoA
SetDlgItemTextA
MapVirtualKeyA
MapDialogRect
RegisterWindowMessageA
OpenInputDesktop
TranslateAcceleratorW
CharNextW
ScrollWindow
FindWindowW
EnumThreadWindows
SendMessageA
GetParent
CreateIconIndirect
MapVirtualKeyExW
DrawMenuBar
LoadImageA
GetClientRect
GetNextDlgGroupItem
GetMessageTime
PeekMessageA
wsprintfW
CreateAcceleratorTableW
GetUserObjectInformationA
ScrollWindowEx
IsCharLowerA
FindWindowExA
GetDlgItemInt
SendMessageW
InvertRect
GetSubMenu
TileWindows
SendDlgItemMessageA
EndDialog
LoadImageW
RedrawWindow
CharToOemW
DragObject
InsertMenuA
GetMenuStringA
RemoveMenu
WaitMessage
GetDC
GetFocus
IsWindowEnabled
ClipCursor
ModifyMenuW
ShowCaret
LookupIconIdFromDirectory
CreateMenu
InvalidateRect
MessageBoxW
GetWindowRect
GetShellWindow
CharLowerA
mouse_event
IsDlgButtonChecked
LoadCursorW
SendMessageTimeoutA
IsMenu
OemToCharA
RegisterWindowMessageW
GetMenu
DefFrameProcA
IsCharAlphaA

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 1024B - Virtual size: 570B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11c746cc2131c8aaa588b3606476d0f3

Headers

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

shlwapi

user32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 101B

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 91B

.run Size: 1024B - Virtual size: 570B

.0dat Size: 24KB - Virtual size: 23KB

.data Size: 3KB - Virtual size: 2KB

.ram Size: - Virtual size: 38KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 101B

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 91B

.run
Size: 1024B - Virtual size: 570B

.0dat
Size: 24KB - Virtual size: 23KB

.data
Size: 3KB - Virtual size: 2KB

.ram
Size: - Virtual size: 38KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 2KB - Virtual size: 1KB