d028a211075f0beddcd571ebb7b7bc1d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d028a211075f0beddcd571ebb7b7bc1d_JaffaCakes118
Size

140KB
MD5

d028a211075f0beddcd571ebb7b7bc1d
SHA1

56938d705dd6b1a3b5de4be8ea6b120901336660
SHA256

7bd44e7fc4a39f72580984c1fef5d39f93c26f8b900cfe61b2d8e90762d84cb9
SHA512

ce7cd022c57219c466828d5ce49571a6a5ba1d5a8844a9ec25dfcfd759b072e1bbe7eeb9b5f60108759c65523586b973227da92a110ebf25946787861bedec03
SSDEEP

3072:J0kUXLaKguMtkq6KxKmvXBN565Uy4JcjIGql2pwOau0QNR6Lnne4HqWv4rFR:J0keamMtx6KxKgBNoUTJGUl22xQX+nPC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d028a211075f0beddcd571ebb7b7bc1d_JaffaCakes118

Files

d028a211075f0beddcd571ebb7b7bc1d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ab4867d6db58b69fd96c0cf93858bc2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

P:\uusEsHvydZsNM\XxZtvGex\yyydrJo\hoiplDypCrrwAU\rhBpwubtzzTqsA.pdb

Imports

user32

CreateCursor
MessageBoxW
DefWindowProcA
GetMenuItemInfoW
OemToCharBuffA
CheckRadioButton
GetClassLongA
GetClientRect
IsCharAlphaNumericW
GetScrollRange
GetMenuItemID
FindWindowW
SetUserObjectInformationW
GetWindowTextLengthW
LoadIconA
IsZoomed
SetCursor
IsDialogMessageA
BeginPaint
AllowSetForegroundWindow
CharLowerW
GetMenuItemRect
MessageBoxExA
TrackPopupMenuEx
OpenDesktopW
AppendMenuW
SetActiveWindow
CopyRect
UpdateWindow
InSendMessage
GetDCEx
DrawIconEx
WaitMessage
CreateAcceleratorTableW
DialogBoxIndirectParamA
ArrangeIconicWindows
TabbedTextOutW
SetFocus
RemovePropW
mouse_event
DestroyCaret
SetPropW
SetDlgItemInt
DestroyAcceleratorTable
LoadImageA
PostMessageA
CreateDialogIndirectParamW
ActivateKeyboardLayout
LoadStringW
GetMonitorInfoW
wvsprintfW
GetForegroundWindow
ClipCursor
AdjustWindowRectEx
SetCursorPos
GetWindowDC
IsWindow
GetClassNameW
SetWindowRgn
SetWindowLongW
ShowWindowAsync
GetAsyncKeyState
SetParent
DrawTextW
SetWindowTextA
GrayStringW
LoadMenuW
CallMsgFilterA
DrawIcon
ReplyMessage
GetSubMenu
RegisterWindowMessageA
RegisterHotKey
DispatchMessageW
GetSysColor
DefDlgProcW
InflateRect
GetScrollInfo
SetTimer
BeginDeferWindowPos
CopyImage
TileWindows
LoadCursorA
SendNotifyMessageW
InternalGetWindowText
ShowWindow

msvcrt

wcstod
bsearch
puts
_controlfp
clock
__set_app_type
__p__fmode
__p__commode
_amsg_exit
strlen
localtime
fread
wcslen
_initterm
_acmdln
exit
_ismbblead
wcstoul
time
realloc
_XcptFilter
iswalpha
isxdigit
wcsncmp
free
isalpha
gets
_exit
calloc
swscanf
_cexit
isalnum
wcspbrk
floor
fwrite
__setusermatherr
swprintf
__getmainargs
strtoul
iswxdigit
isspace

shlwapi

PathAddExtensionA

gdi32

SetDIBitsToDevice
CreateFontIndirectA
EnumFontFamiliesW
CreateDiscardableBitmap
CreateBitmapIndirect
GetCharWidth32W
SaveDC
GetClipBox
GetTextColor
SelectClipRgn
SetTextAlign
GetRgnBox
CreateICW
CreateHalftonePalette
GetObjectW
RestoreDC
SetDIBits
TextOutW
TranslateCharsetInfo
CreateCompatibleDC
GetROP2
ScaleViewportExtEx
GetPath
SetWindowExtEx
CreatePenIndirect
DeleteObject
Escape
GetPixel
GetSystemPaletteUse
GetTextMetricsW
SelectObject
SetViewportExtEx
GetMapMode
GetTextExtentPoint32W
CreateCompatibleBitmap
GetPaletteEntries

kernel32

CreateMutexA
lstrlenW
FindFirstFileW
GetCompressedFileSizeW
GlobalAlloc
GetUserDefaultUILanguage
SetHandleInformation
OpenEventW
MoveFileExW
LocalLock
GetSystemDirectoryA
GetCurrentThreadId
LCMapStringA
QueryDosDeviceW
ClearCommBreak
GetTimeFormatA
SetLastError
ReadFile
GlobalGetAtomNameA
OpenEventA
GlobalMemoryStatusEx
SetupComm
CreateWaitableTimerW
lstrlenA
WaitForSingleObjectEx
OpenSemaphoreW
GetThreadLocale
GetCurrentDirectoryW
GetFileAttributesExW
LoadLibraryA
GetBinaryTypeW
GetUserDefaultLCID
CopyFileW
SetLocalTime
GetStringTypeExW
DeleteFileW
GetThreadPriority
ReleaseSemaphore
CreateSemaphoreA
GetShortPathNameW

Exports

Exports

?MessageBoxDhijudjuIDF@@YGKPA_WK@Z
?MessageBoxHDFjhfkdjHJDF@@YGKPA_WK@Z
?MessageBoxKJHDKJhkdjHDKHj@@YGKPA_WK@Z
?MessageBoxKJKhjkfdkjhKJHhkj@@YGKPA_WK@Z

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.strs
Size: 1024B - Virtual size: 565B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.post
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tmpd0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tmpd1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tmpd2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab4867d6db58b69fd96c0cf93858bc2f

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

shlwapi

gdi32

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.strs Size: 1024B - Virtual size: 565B

.post Size: 13KB - Virtual size: 13KB

.data Size: 2KB - Virtual size: 23KB

.tmpd0 Size: 2KB - Virtual size: 2KB

.tmpd1 Size: 1KB - Virtual size: 1KB

.tmpd2 Size: 1KB - Virtual size: 1KB

.rdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 103KB

.strs
Size: 1024B - Virtual size: 565B

.post
Size: 13KB - Virtual size: 13KB

.data
Size: 2KB - Virtual size: 23KB

.tmpd0
Size: 2KB - Virtual size: 2KB

.tmpd1
Size: 1KB - Virtual size: 1KB

.tmpd2
Size: 1KB - Virtual size: 1KB

.rdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB