cdea46a25ceae28b1e40f58f7e34eaf5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cdea46a25ceae28b1e40f58f7e34eaf5_JaffaCakes118
Size

220KB
MD5

cdea46a25ceae28b1e40f58f7e34eaf5
SHA1

2dde7caed10b6312506dc532bb5da692f43dee6e
SHA256

478fdb9f8781486899d232c824c4095f214f66e37b7cf221401714c076ff3818
SHA512

eca58735c453657df6c4ac93b9df80861282ac65a8cd2d2f844fcbe123ceb1109cf30f1d1e66d2d86f635a6dec8582cb5cfb2023280038358babd8ca7efd61b2
SSDEEP

6144:GghY5EeeElsEmiyFN91wAzHjKZfNbGF2u:H+5JeElAFN91fjK9ZGF2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdea46a25ceae28b1e40f58f7e34eaf5_JaffaCakes118

Files

cdea46a25ceae28b1e40f58f7e34eaf5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d5963806b4a56afdee7683979bafe9b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\tnbuoLpdLf\ygQHiwvninCuRE\kANroSbod\rgbYdEvp.pdb

Imports

gdi32

GetBitmapBits
ScaleViewportExtEx
ExcludeClipRect
SetBrushOrgEx
LineDDA
EnumFontsW
DPtoLP
TextOutA
GetCharWidth32W
GetStockObject
SetTextAlign
MoveToEx
GetNearestPaletteIndex
CreateDIBitmap
RemoveFontResourceW
CreatePenIndirect
RestoreDC
ExtTextOutA
CreatePalette
GetObjectA
SetLayout
EndDoc
CreatePolygonRgn
GetBkMode
SetViewportExtEx
PathToRegion
WidenPath
EnumFontFamiliesExW
GetDIBColorTable
GetTextMetricsW
SetDIBitsToDevice
DeleteObject
CreateFontIndirectA
CreateDIBSection
CreateBitmap
SetBkMode
PatBlt
CreateRoundRectRgn
CreatePen
GetTextColor
CreateICW
GetClipBox
TextOutW
OffsetRgn
CreatePatternBrush
SetDIBColorTable
TranslateCharsetInfo

kernel32

GetTempFileNameW
SetFileAttributesW
RemoveDirectoryW
GetTimeFormatW
SetLocalTime
TlsFree
HeapFree
AddAtomA
UnlockFile
GetCompressedFileSizeW
WinExec
GetStartupInfoA
GlobalFindAtomW
GetSystemDirectoryW
FreeLibrary
FileTimeToDosDateTime
GetFileAttributesExW
GetComputerNameExA
LoadResource
IsDBCSLeadByte
VirtualQuery
AddAtomW
DuplicateHandle
SetFileAttributesA
ConnectNamedPipe
OpenEventW
ResumeThread
SetFileTime
GetModuleFileNameW
lstrcmpiW
HeapAlloc
GetProcessHeap
SetTimerQueueTimer
FindResourceA
GlobalFree
CreateRemoteThread
FoldStringW
ClearCommError
EscapeCommFunction
LoadLibraryExW
UnhandledExceptionFilter
GetShortPathNameW
EnumResourceNamesW
GetTempPathA
TryEnterCriticalSection
IsBadStringPtrW
GetSystemDefaultUILanguage
GetVersionExA
LocalAlloc
GetUserDefaultLCID
GetComputerNameExW
SetupComm
GetCurrentThreadId
GetSystemTimeAdjustment
FreeResource
GetWindowsDirectoryW

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleW
GetSaveFileNameW
PrintDlgExW
FindTextW

msvcrt

qsort
_controlfp
__set_app_type
strtol
strcoll
atol
fclose
__p__fmode
system
iswprint
__p__commode
isspace
fread
iswctype
getenv
towupper
strtok
strstr
_amsg_exit
iswspace
time
wcscpy
fseek
_initterm
_acmdln
fputc
exit
floor
_ismbblead
_XcptFilter
ungetc
wcscmp
bsearch
_exit
isalpha
realloc
srand
wcstod
strcpy
strncpy
strchr
_cexit
__setusermatherr
__getmainargs
fwrite

user32

GetUpdateRect
DispatchMessageW
SetMenu
GetActiveWindow
GetDlgCtrlID
CheckMenuRadioItem
SetWindowLongW
GetDlgItemTextA
GetMenuItemCount
LoadAcceleratorsW
GetMenuCheckMarkDimensions
GetLastActivePopup
ArrangeIconicWindows
DrawTextA
CharNextA
FindWindowW
CharNextExA
SetCaretPos
GetMessageW
IsCharAlphaNumericW
IsDialogMessageW
GetAsyncKeyState
IsDlgButtonChecked
SetWindowPlacement
GetSystemMenu
DialogBoxIndirectParamW
GetWindowTextLengthW
DrawFocusRect
SetWindowLongA
PostThreadMessageW
MapDialogRect
GetMenuStringW
DrawTextExW
CheckDlgButton
IsChild
ChildWindowFromPointEx
PtInRect
ShowCursor
GetClassInfoExA
SetScrollInfo
SendMessageTimeoutA
InsertMenuItemW
LoadIconW
GrayStringW
GetKeyboardLayout
SetPropW
DrawAnimatedRects
LockWindowUpdate
IsWindow
RegisterHotKey
DefDlgProcW
ScrollWindow
TranslateAcceleratorA
ShowWindowAsync
SetUserObjectInformationW
SendInput
PostThreadMessageA
DrawTextW
GetMessagePos
SetDlgItemTextA
CreatePopupMenu
GetMenuItemID
EnableMenuItem
UpdateWindow
SetWindowPos
GetWindowLongA
DrawFrameControl
RegisterClassA
GetKeyNameTextW
WaitForInputIdle
CopyAcceleratorTableW
CreateDialogParamA
TileWindows
GetWindow
DefDlgProcA
SetClassLongW
BeginPaint
DialogBoxIndirectParamA
keybd_event
IsRectEmpty
GetScrollPos
InvalidateRgn
DragObject
MapVirtualKeyA
CheckRadioButton
PostMessageA
GetTopWindow
GetPropW
OemToCharBuffA
SetWindowTextA
GetMonitorInfoW
SetRectEmpty
GetCursorPos
GetDesktopWindow
CharPrevA
DrawStateA
CallWindowProcA
SendDlgItemMessageA
ExitWindowsEx
GetParent
AttachThreadInput
RegisterWindowMessageA
SetFocus
ReplyMessage
CreateIconFromResource
MapWindowPoints
GetIconInfo
SendMessageA
InvalidateRect
IsCharAlphaW
GetClipCursor

Exports

Exports

?CallFileOriginal@@YGPAHPAFFPAHN]A
?IncrementNameOriginal@@YGGFPAJEPAM]A
?EnumRectNew@@YGX_NPAEM]A
?EnumMutantOld@@YGGPAI_N]A
?ModifyValue@@YGGPAMD]A
?LoadAnchorW@@YGPAXHN]A
?OnProject@@YGI_N]A
?OnCommandLineNew@@YGIFPAD]A
?InsertHeightEx@@YGPANI]A
?KillSemaphoreExW@@YGJPAH]A
?InsertListW@@YGEPAMGG]A
?ShowRectExA@@YGKH]A
?RtlWindowOriginal@@YGKPAJGPAH]A
?ShowNameExW@@YGPAKDEG]A
?InstallDateTimeExW@@YGPAKDFPAJ]A
?OnMutantExA@@YGEMPAGK]A
?InvalidateComponentOriginal@@YGPAXIPAIFPAJ]A
?DeleteAnchor@@YGFM]A
?EnumObjectOriginal@@YGPAEKIG]A
?IsProcessExW@@YGPAHPAMJPAKPAD]A
?IsFilePathExW@@YGMFJPAG]A
?InstallThreadEx@@YGKDPADD]A
?InstallTaskNew@@YGKPAKPAIG]A
?HideConfigA@@YGFEPAFPAG]A
?CancelVersion@@YGEPAM]A
?IsFunctionW@@YGME]A
?DeleteComponentA@@YGPADHJ]A
?CrtCharOriginal@@YGPANPAEE]A
?ModifyOptionExW@@YGPAXDD_NPAM]A
?CloseMessageEx@@YGEDM]A
?ScreenNew@@YGMGFPAG]A
?EnumExpressionEx@@YGKHPAMPAD]A
?HideTimerOld@@YGPAMPAFDM]A
?ModifyArgumentA@@YGPAXIPAG]A
?RtlPen@@YGPAJDGPAN]A
?GenerateProfileEx@@YGIDHK]A

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5963806b4a56afdee7683979bafe9b0

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

comdlg32

msvcrt

user32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 192KB

.data Size: 23KB - Virtual size: 23KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 193KB - Virtual size: 192KB

.data
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB