d041173e3285e32db1a3918e9622215b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d041173e3285e32db1a3918e9622215b_JaffaCakes118
Size

147KB
MD5

d041173e3285e32db1a3918e9622215b
SHA1

e63be8d617a5048b67e82b5b7500d550b3122286
SHA256

de257b0fd6a5d10a34d3fdd044e03c6a7c8b7c406d196a6d69de162190d2ce1e
SHA512

888e8dd752fc0306c7a1184f112fb91473569aae259c9a76cfb30a20ef7b3e703b63d87f56026371bd5643b0b64972bcf4b51382642b288fdd5e9a62ac2c7568
SSDEEP

3072:+nD/2pvqGx4JrXHt6bX89cNbBHzpBTALhw5Vzqsq:yetx4Jr3t67+2BHghw7f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d041173e3285e32db1a3918e9622215b_JaffaCakes118

Files

d041173e3285e32db1a3918e9622215b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ed28a6474f8d985463c9a32ba510a77b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\tyjSUutJ\adggdXlNrIbD\yrbAwtXlZmkfO\ndWMJgtlWWqWo.pdb

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW
GetFileTitleW

kernel32

GlobalMemoryStatus
GetModuleFileNameW
GetComputerNameExW
ResetEvent
TlsGetValue
VirtualFree
SearchPathA
LocalSize
GetSystemDirectoryW
SetSystemTimeAdjustment
EnumResourceTypesA
SetThreadPriority
GetThreadPriority
CompareFileTime
GetModuleHandleA
CreateNamedPipeW
GlobalCompact
GetComputerNameW
QueryDosDeviceW
AddAtomA
GlobalGetAtomNameA
GetAtomNameW
GetFileTime
HeapFree
MoveFileExW
LocalFree
GetSystemDirectoryA
OpenFile
GetSystemDefaultUILanguage
GlobalUnlock
WaitCommEvent
VirtualQuery
LoadLibraryExA
CancelIo
EscapeCommFunction
SetCommTimeouts
IsDBCSLeadByteEx
SetHandleCount
GlobalAddAtomA
GlobalSize
FindResourceExA
DeviceIoControl
GetFileAttributesW
GetAtomNameA
SetCurrentDirectoryW
GlobalHandle
IsBadCodePtr
GetCommProperties
FindClose
LeaveCriticalSection
SetCommMask
LoadLibraryW
GetCurrentThread
OpenEventA
WriteFile
FormatMessageW
MulDiv

msvcrt

puts
_controlfp
fgetc
__set_app_type
printf
swprintf
fread
isspace
wcschr
time
wcstok
strspn
strtol
iswspace
isalnum
rand
__p__fmode
system
__p__commode
malloc
wcstol
_amsg_exit
clearerr
remove
mktime
realloc
_initterm
_acmdln
iswxdigit
exit
_ismbblead
_XcptFilter
ungetc
isprint
strchr
_exit
getenv
atoi
strrchr
strtok
isalpha
clock
fclose
iswprint
_cexit
__setusermatherr
wcscmp
__getmainargs
strstr

user32

OpenInputDesktop
BringWindowToTop
IsCharAlphaNumericW
GetKeyboardLayout
ExitWindowsEx
RegisterClassExW
UnloadKeyboardLayout
GetScrollRange
SetCursor
PostThreadMessageA
GetKeyboardLayoutNameW
InflateRect
TranslateAcceleratorA
LoadAcceleratorsA
GetKeyState
DrawTextExW
MapDialogRect
OpenDesktopW
ChangeMenuW
SetMenuItemBitmaps
CharLowerBuffW
InsertMenuA
ClientToScreen
GetUserObjectInformationW
CreateIconIndirect
DefWindowProcW
SetScrollRange
SendMessageTimeoutA
SystemParametersInfoA
SetRectEmpty
SendMessageA
DefDlgProcW
DialogBoxParamW
GetActiveWindow
GetSubMenu
GetWindowRect
GetMenuItemID
CopyRect
TrackPopupMenu
SetSysColors
KillTimer
IsCharAlphaW
GetCursorPos
ScrollWindow
GetNextDlgGroupItem
VkKeyScanW
DragObject
IsMenu
GetPropW
GetSysColor
CharUpperA
BeginPaint
PostQuitMessage
ReleaseDC
GetForegroundWindow
CloseDesktop
DrawIconEx
RegisterHotKey
GetMenuItemCount
FindWindowA
MoveWindow
LookupIconIdFromDirectory
IsIconic
LoadImageW
GetAltTabInfoW
EnableWindow
SetForegroundWindow
IsCharUpperA
IsWindow
EnableMenuItem
SetMenuDefaultItem
LoadMenuW
EnumWindows
ScreenToClient
GetClipCursor
OemToCharBuffA
GetDialogBaseUnits
ShowOwnedPopups
CreateDialogIndirectParamW
CopyImage
InvertRect
IsChild
GetMonitorInfoW
GetScrollPos
MessageBoxExW
IsDlgButtonChecked
FindWindowExW
GetMenuCheckMarkDimensions
DrawStateA
IsDialogMessageA
OemToCharA
ShowWindow
GetMessageW
SetCursorPos
DestroyMenu
UnionRect
DispatchMessageA
LoadIconW
SetWindowTextA
GetClassLongW
RegisterWindowMessageW
LoadImageA
CreatePopupMenu
MessageBoxW
DefWindowProcA
AttachThreadInput
TileWindows
CharNextExA
GetMenuStringA
SetDlgItemInt
GetClassInfoW
IsDialogMessageW
DrawTextA
SendDlgItemMessageA
MapVirtualKeyW
LoadCursorW
DrawFocusRect
InsertMenuItemW
DialogBoxIndirectParamW
SetWindowPlacement
FrameRect

gdi32

ExtTextOutA
GetDIBColorTable
Polyline
CreateSolidBrush
GetPixel
SelectObject
LPtoDP
SetTextColor
SetBkMode
CombineRgn
SetTextAlign
MoveToEx
SetMapMode
RoundRect
SetBrushOrgEx
BeginPath
GetFontData
DPtoLP
SetBitmapDimensionEx
CreateRoundRectRgn
CreateDIBSection
SetPixel
GetCurrentObject
GetBitmapBits
CreatePatternBrush
GetDIBits
Escape
SetViewportOrgEx
CreateFontA
CreateBrushIndirect
GetTextAlign
CreateHalftonePalette
GetTextCharsetInfo
TranslateCharsetInfo
GetClipBox
GetTextExtentPoint32W
CreateBitmap
GetRgnBox
EnumFontsW
SetBkColor
CreatePen
ScaleViewportExtEx
GetSystemPaletteUse
WidenPath
CreateEllipticRgnIndirect
CreatePenIndirect
Ellipse
SetLayout
CreateRectRgn
Polygon
SetWindowExtEx

Exports

Exports

?FormatPoint@@YGPANPADPAJ]A
?BitCounterArrayIdeDunAs@@YGKGE@Z
?EnumFilePathOriginal@@YGFPAF]A

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed28a6474f8d985463c9a32ba510a77b

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 132KB

.rsrc Size: 120KB - Virtual size: 119KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 132KB

.rsrc
Size: 120KB - Virtual size: 119KB

.reloc
Size: 1KB - Virtual size: 1KB