c2a6040591c504379720a4e76111372e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c2a6040591c504379720a4e76111372e_JaffaCakes118
Size

242KB
MD5

c2a6040591c504379720a4e76111372e
SHA1

b72bcd78ac864cf11d43117734b55c75ec37df59
SHA256

1d3e4135e3fa1741890d5562c8b8102d2b7537ec52b101f59036d8332731fb0d
SHA512

ebdacb9467caae45a774e73ad5500fc5d8c6d96d05228aaefd76405f21878856a142fddec69ac4502d6ccdfc5c32059498d462b4dc93375650261c9bb26939d0
SSDEEP

6144:wfbHyGnmDWVK9D4qOpgRvh0FmX2WCnxY0OQQ1xIJhOg:wfeDeU8qOpgRvWFhWyYd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a6040591c504379720a4e76111372e_JaffaCakes118

Files

c2a6040591c504379720a4e76111372e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e0d16c6c6c3f433bb87dd6b5a10ad11a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\lEdrhOEwbeCf\nilugzLajr\rabngjdeyx\rArBasnvj\MUohsuE.pdb

Imports

msvcrt

wcsstr
iswalpha
_controlfp
isxdigit
__set_app_type
putc
wcspbrk
__p__fmode
__p__commode
_amsg_exit
wcstol
setlocale
_initterm
_acmdln
fgets
exit
_ismbblead
_XcptFilter
atoi
fflush
_exit
system
_cexit
__setusermatherr
wcscoll
__getmainargs

user32

ShowWindowAsync
CreateIconFromResource
CharLowerW
InsertMenuItemW
RegisterClassA
GetActiveWindow
ToUnicodeEx
MessageBoxExW
SendMessageA
SendNotifyMessageW
RegisterWindowMessageA
CreateDialogParamW
IsDialogMessageW
SetWindowLongW
RegisterHotKey
GetSubMenu
RedrawWindow
ReleaseDC
SetActiveWindow
CloseDesktop
UpdateWindow
GetUserObjectInformationW
TileWindows
LoadAcceleratorsA
TrackPopupMenuEx
FindWindowA
RegisterClassExA
GetMenuStringW
PostQuitMessage
MapDialogRect
ActivateKeyboardLayout
GrayStringW
IsCharAlphaNumericW
DialogBoxIndirectParamW
GetMenuItemInfoW
EnableMenuItem
GetDlgItem
PostThreadMessageW
SetDlgItemInt
GetScrollPos
CreateDialogParamA
IsIconic

gdi32

CreateHalftonePalette
ScaleWindowExtEx
StartPage
GetTextFaceW
ExtTextOutA
RemoveFontResourceW
GetNearestPaletteIndex
CreateEllipticRgnIndirect
OffsetViewportOrgEx
Escape
RectVisible
StretchDIBits
PathToRegion
EnumFontFamiliesExW
SetBitmapDimensionEx
SetROP2
TextOutW
GetTextExtentPointA

comctl32

ImageList_Read
CreateStatusWindowW
ImageList_Draw
CreatePropertySheetPageA
ImageList_AddMasked

shlwapi

StrToIntExA
ord29

kernel32

LoadLibraryExW
VirtualQuery
GetModuleHandleA
DeleteFileA
SetLastError
CreateNamedPipeW
CreateMutexA
InitializeCriticalSection
GetTickCount
GetSystemDirectoryA
ConnectNamedPipe
SetFileTime
WaitForMultipleObjectsEx
LoadLibraryExA
TransactNamedPipe
IsBadWritePtr
SetCommBreak
RaiseException
FindResourceExA
GetTimeFormatA
LoadLibraryW

Exports

Exports

?CopyFilePathEx@@YGPAKDGPAFPAH~U
?ValidateCommandLineNew@@YGPAXF~U
?ModifyDateEx@@YGJF~U
?PutMemoryOriginal@@YGGPAF~U
?IncrementTaskW@@YGPAXIPAGEH~U
?DumpDigitalDataCBhJEB@@YGKGHE@Z

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tedat
Size: 512B - Virtual size: 489B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tidat
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.alloc
Size: - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0d16c6c6c3f433bb87dd6b5a10ad11a

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

gdi32

comctl32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.init Size: 512B - Virtual size: 512B

.tedat Size: 512B - Virtual size: 489B

.tidat Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.alloc Size: - Virtual size: 187KB

.rsrc Size: 211KB - Virtual size: 211KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.init
Size: 512B - Virtual size: 512B

.tedat
Size: 512B - Virtual size: 489B

.tidat
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.alloc
Size: - Virtual size: 187KB

.rsrc
Size: 211KB - Virtual size: 211KB

.reloc
Size: 2KB - Virtual size: 2KB