c913b30b9b1a8274e965fb5797683471_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c913b30b9b1a8274e965fb5797683471_JaffaCakes118
Size

216KB
MD5

c913b30b9b1a8274e965fb5797683471
SHA1

6790ce27fde2f889d9ca3cc867173a8f01ca75c9
SHA256

492bdf4d1d295031302e4918d907cc93b16e85683b634c43520e27681c76cba9
SHA512

ec001cd0ca9cf9ee0f61070f7a767c380c703b6c30b1472096d78b1da554aafd362a86d394f41c7bbd9086ee3c980da773474344ca7a1efd821137a045f49ca6
SSDEEP

6144:v0aFNX2UR1ztkEC9cR9tInQC0BSaLDbW:MO2URdtkEoM9t6z0BTf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c913b30b9b1a8274e965fb5797683471_JaffaCakes118

Files

c913b30b9b1a8274e965fb5797683471_JaffaCakes118
.exe windows:5 windows x86 arch:x86

95407da0cccd63dc5a4c5d944c462a3e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\kxFbAnr\uhifukauoq\BcHHiIkg\dncnzWbSEmOzA.pdb

Imports

gdi32

SetPixel
GetTextCharsetInfo
CreateDiscardableBitmap
SelectPalette
DPtoLP
SetBitmapDimensionEx
LPtoDP
CreateRectRgn
ScaleViewportExtEx
CreateFontIndirectW
SetWindowExtEx
CreateRoundRectRgn
GetPaletteEntries
CreatePatternBrush
GetTextMetricsA
TextOutW
GetSystemPaletteEntries
Rectangle
GetTextAlign
DeleteObject
SetPaletteEntries
GetCharWidth32W
CreateFontIndirectA
PtVisible
GetNearestColor
CreatePenIndirect
CreateRectRgnIndirect
CreateSolidBrush
PtInRegion
RoundRect
FillRgn
GetTextMetricsW
GetDIBits
StartPage
SetViewportOrgEx
SetDIBits
GetBkMode

kernel32

GetFileInformationByHandle
SetUnhandledExceptionFilter
DeleteAtom
CancelWaitableTimer
SetFileApisToOEM
SetSystemTimeAdjustment
GetSystemTimeAdjustment
FlushFileBuffers
HeapReAlloc
SetThreadExecutionState
LeaveCriticalSection
GetVersionExA
IsValidLanguageGroup
EnumResourceNamesW
GetFileTime
GetShortPathNameW
GlobalDeleteAtom
GetCommModemStatus
lstrlenA
VerSetConditionMask
UnmapViewOfFile
GetUserDefaultLCID
SuspendThread
EscapeCommFunction
ExitThread
SetHandleInformation
SetMailslotInfo
SetCommBreak
GlobalFindAtomW
WideCharToMultiByte
GetLastError
GetLongPathNameW
GetModuleFileNameA
lstrcpynA
InitializeCriticalSection
SetCommTimeouts
LocalSize
GlobalFlags
EnumSystemLocalesA

user32

CallWindowProcA
DestroyAcceleratorTable
GetDlgItemInt
DrawStateA
ToUnicodeEx
FindWindowExA
SetRectEmpty
IsCharLowerA
OemToCharA
InflateRect
SetLastErrorEx
GetKeyboardLayoutList
ArrangeIconicWindows
RegisterClassExW
TabbedTextOutW
EqualRect
EnumChildWindows
HideCaret
GetWindowRect
MapVirtualKeyExW
GetMenu
FindWindowW
InvalidateRect
MessageBoxW
RegisterHotKey
CheckRadioButton
MessageBoxA
CreateDialogIndirectParamW
DeleteMenu
IsDialogMessageA
BringWindowToTop
SetWindowPos
GetMessageA
GetWindowTextA
IsMenu
GetMenuItemRect
ReplyMessage
UnloadKeyboardLayout
CreateDialogParamW
SetRect
SetDlgItemInt
ScreenToClient
IsWindow
GetMenuItemCount
CreateWindowExA
GetMessageExtraInfo
GetMenuStringW
AppendMenuW
TrackPopupMenuEx
SetWindowTextW
CreateAcceleratorTableW
SetForegroundWindow
GetMessageTime
LoadCursorA
CharLowerA
SendMessageA
CreatePopupMenu
IsCharAlphaNumericW
ShowWindow
GetDialogBaseUnits
SetUserObjectInformationW
GetTopWindow
CreateCursor
GetClassLongA
SendMessageW
SendDlgItemMessageW
LoadIconA
ScrollWindow
IsRectEmpty
DrawIcon
FindWindowExW
DragObject
CallWindowProcW
LoadStringA
GetClassInfoExW
CharPrevA
ReleaseDC
DefDlgProcA
ClipCursor
CharToOemW
wvsprintfA
ShowCaret
OffsetRect
CharNextExA
HiliteMenuItem
DrawTextExW
GetDlgItemTextA
TileWindows

msvcrt

calloc
time
ftell
_controlfp
clock
__set_app_type
__p__fmode
__p__commode
_amsg_exit
wcscat
_initterm
wcstok
wcsncmp
strstr
ungetc
iswprint
perror
wcscpy
_acmdln
clearerr
gets
floor
fflush
toupper
exit
_ismbblead
isdigit
towupper
_XcptFilter
sscanf
swprintf
_exit
_cexit
towlower
vsprintf
printf
__setusermatherr
__getmainargs

Exports

Exports

?InstallPenEx@@YGPAGNPAKEE&U
?IsMutex@@YGHFF&U
?CancelPenW@@YGHPAKKKM&U
?ModifyStringEx@@YGGPAIPAIPAJ&U
?GetMutexExW@@YGEPAMGE&U
?InvalidateProfileOriginal@@YGHPAGPAK&U
?ValidateDateTime@@YGXPAGPAIMM&U
?ModifyListEx@@YGPADJ&U
?CancelRectNew@@YGG_NPAE&U
?Char@@YGPADPAIG_N&U
?LoadCommandLineExW@@YGXD&U
?SetTaskEx@@YGMHPAE&U
?CloseWindowInfoEx@@YGJJPAHPAN&U
?OnMemoryExA@@YG_NPAEPAJ&U
?DeleteAppNameExA@@YGEF&U
?InstallStringOriginal@@YGXPAE&U
?EnumProcess@@YGGPADM&U
?ValidateDeviceExW@@YGPAHPAN&U
?IsSizeOld@@YGFEPAG&U
?InstallDirectoryOriginal@@YGHGFPAH&U
?IsValidObjectW@@YGXPAJ&U
?CallDataExA@@YGX_N&U
?KillValueEx@@YGDGPAG&U
?EnumSystemOld@@YGPAKPAMFNG&U
?DecrementKeyNameOld@@YGPAEDN&U
?InvalidateProviderOld@@YGXMPAK&U
?GetChar@@YGXIIF&U
?KillProviderEx@@YGEPAIJ&U
?ValidatePointerOld@@YGKPAJG&U
?IsMessageOriginal@@YGKII&U
?DecrementTimer@@YGIGKDM&U
?RemoveNameEx@@YGPAXPAJPAMMPAK&U
?SendFile@@YGPAXGPAHEG&U
?IncrementSectionNew@@YGPAXPAI&U
?FormatMonitorOld@@YGKPAFI&U
?SetListOld@@YGPAHHPANK&U

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95407da0cccd63dc5a4c5d944c462a3e

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 71KB

.imdat Size: 1024B - Virtual size: 824B

.edata Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 71KB

.rsrc Size: 120KB - Virtual size: 119KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 71KB - Virtual size: 71KB

.imdat
Size: 1024B - Virtual size: 824B

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 71KB

.rsrc
Size: 120KB - Virtual size: 119KB

.reloc
Size: 2KB - Virtual size: 1KB