c96a7f0501a733056d95be4bf996a1d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c96a7f0501a733056d95be4bf996a1d1_JaffaCakes118
Size

215KB
MD5

c96a7f0501a733056d95be4bf996a1d1
SHA1

bad8f511d681969931220878f73ea7441f9e74bf
SHA256

32f08e21cbbd57efe64c17ff292db15d6f09711f308a740a3be33fa6bce38504
SHA512

64afac7c060a0e3deda51597aebd711ee9a2cffb40762a5e4039625e5d189d9ec603336f2b1fc40907995c5354a89caabcdc03b5469e2bfcba9c7e2389836267
SSDEEP

3072:sxhD2qb18JPYo/Xw2kTWHiIh2hKw7IFZc5LvCGBo3bjxuHNHZi0fbX4k/Ul0ZauT:sb2PJPYmNoWO9kU0V41ZioXki

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c96a7f0501a733056d95be4bf996a1d1_JaffaCakes118

Files

c96a7f0501a733056d95be4bf996a1d1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

936e597770a95ddf3c853e913b861673

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\zuUcYsodhDt\achxbPElcw\upvoufosAYxZJ\mnMdsdWzcRjkcE\dltIfrNbvey.pdb

Imports

msvcrt

_controlfp
__set_app_type
mktime
fgets
vswprintf
isxdigit
ungetc
__p__fmode
__p__commode
fputs
_amsg_exit
realloc
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
fprintf
perror
_cexit
__setusermatherr
fgetc
__getmainargs

user32

EnumChildWindows
CallWindowProcA
SetMenu
DrawStateA
SendDlgItemMessageW
ChangeMenuW
GetForegroundWindow
DrawTextW
CreateDialogIndirectParamW
CheckRadioButton
PostThreadMessageA
MapWindowPoints
GetIconInfo
CreateCaret
DefDlgProcW
GetKeyboardLayoutNameW
SendDlgItemMessageA
KillTimer
CharNextExA
GetActiveWindow
SetRectEmpty
IsDlgButtonChecked
DestroyCaret
GetWindowTextA
SetScrollRange
LoadMenuA
RegisterWindowMessageA
DefFrameProcW
AttachThreadInput
ScrollWindowEx
AdjustWindowRectEx
GetCaretPos
GetKeyNameTextW
ActivateKeyboardLayout
InternalGetWindowText
DefFrameProcA

kernel32

lstrcatW
GetAtomNameA
IsBadStringPtrA
TransactNamedPipe
SetErrorMode
FindResourceA
GetStdHandle
GetComputerNameExW
ExitThread
GlobalLock
DeleteFileA
FindResourceExA
CreateEventW
GetTempFileNameW
SleepEx
lstrlenA
ResetEvent
SetHandleInformation
CreateMailslotW

gdi32

GetCurrentObject
GetBkMode
GetPixel
CreateFontIndirectW
StretchDIBits
StartPage
PolyBezier
AbortDoc
CreateBitmapIndirect
GetTextMetricsA
RestoreDC
CreatePalette
PathToRegion
CreateHatchBrush
GetPaletteEntries
BitBlt

Exports

Exports

?LeaveCriticalSectionGDhkyjkjhHFJlF@@YGKEPA_WG@Z

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.diag_x
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_y
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.div
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.imul
Size: 512B - Virtual size: 227B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.plus
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minus
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

936e597770a95ddf3c853e913b861673

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 167KB - Virtual size: 166KB

.diag_x Size: 512B - Virtual size: 28B

.diag_y Size: 512B - Virtual size: 95B

.data Size: 3KB - Virtual size: 2KB

.div Size: 2KB - Virtual size: 2KB

.idat Size: 512B - Virtual size: 396B

.imul Size: 512B - Virtual size: 227B

.plus Size: 512B - Virtual size: 476B

.minus Size: 512B - Virtual size: 140B

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 167KB - Virtual size: 166KB

.diag_x
Size: 512B - Virtual size: 28B

.diag_y
Size: 512B - Virtual size: 95B

.data
Size: 3KB - Virtual size: 2KB

.div
Size: 2KB - Virtual size: 2KB

.idat
Size: 512B - Virtual size: 396B

.imul
Size: 512B - Virtual size: 227B

.plus
Size: 512B - Virtual size: 476B

.minus
Size: 512B - Virtual size: 140B

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 2KB - Virtual size: 1KB