d0b8d7c66aa395b8f98008053e6635b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0b8d7c66aa395b8f98008053e6635b2_JaffaCakes118
Size

141KB
MD5

d0b8d7c66aa395b8f98008053e6635b2
SHA1

9a58b9f2f927d6735d3e22a2bd287f303e198810
SHA256

cf342feb912674711e7a7b68076d088cb7b93edc88a732760518a59e9d7063f0
SHA512

1cee537b074f3a7d09b290654bd97374045493ec201e2012ad1f3d7bfa54030c3da454f28230dc1c0a45620689e4acc2efda6b9d84e0c34124ba1deb2edefa13
SSDEEP

3072:ooDNfhBVJjdqyM19KrETJ7HOQYmzD1PJblsaFYJYyrz:oQJNJJy104TJ7HVYmzD1RZvFdyn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0b8d7c66aa395b8f98008053e6635b2_JaffaCakes118

Files

d0b8d7c66aa395b8f98008053e6635b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

954407c124a70039e7b5255e8b25d883

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\szNialogg\UJvfGaCw\aOXbYgDwEbJx\qgVScaoFxy\hpDsSbPf.pdb

Imports

user32

FindWindowExW
ClientToScreen
CharUpperW
DialogBoxIndirectParamA
GetClassLongA
IsCharAlphaA
CallWindowProcW
VkKeyScanW
DestroyCaret
LockWindowUpdate
LoadImageA
GetSystemMenu
MapVirtualKeyExW
wvsprintfA
MapWindowPoints
SetWindowPlacement
DrawTextW
MonitorFromRect
ReleaseDC
ScrollWindow
GetMenuItemCount
DefDlgProcW
GetScrollInfo
LoadMenuW
ChildWindowFromPoint
CharNextA
CreateDialogParamA
GetMenuItemRect
EnableScrollBar
DrawIcon
DrawMenuBar
SetMenuDefaultItem
CascadeWindows
FrameRect
SetSysColors
CharUpperBuffW
CharUpperA
EndDialog
CreateCursor
PostMessageA
ClipCursor
IsDialogMessageA
DispatchMessageA
GetMenuCheckMarkDimensions
InvalidateRect
CharUpperBuffA
RegisterWindowMessageA
DestroyIcon
DrawTextExW
EnumThreadWindows
IsCharUpperA
CheckMenuItem
GetMenuItemID
GetMenuStringA
AdjustWindowRectEx
wsprintfA
CreatePopupMenu
TabbedTextOutW
SetDlgItemTextA
RedrawWindow
GetDCEx
ActivateKeyboardLayout
wsprintfW
CreateDialogIndirectParamW
LoadStringW
InsertMenuA
GetMessageA
GetDC
CreateAcceleratorTableW
LoadBitmapA
IsDialogMessageW
ShowCaret
MapDialogRect
LoadIconA
CharLowerBuffW
GetDoubleClickTime
SendDlgItemMessageW
GetDlgItemTextA
SendMessageW
GetShellWindow
GetSubMenu
CharLowerW
AllowSetForegroundWindow
IsCharLowerA
GetMenuState

msvcrt

_controlfp
vswprintf
strtoul
__set_app_type
__p__fmode
__p__commode
mbstowcs
isalnum
wcscspn
strcspn
vsprintf
system
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
fclose
iswspace
wcstol
isdigit
_cexit
swprintf
strtol
mbtowc
strspn
getenv
swscanf
sprintf
mktime
__setusermatherr
tolower
fwrite
exit
__getmainargs
putchar

shlwapi

UrlGetLocationA
UrlIsOpaqueW

kernel32

IsValidLanguageGroup
VerSetConditionMask
DuplicateHandle
ConvertDefaultLocale
FindFirstFileW
GetModuleFileNameA
CreateFileA
lstrcmpiA
FreeLibrary
SetFilePointer
CreateNamedPipeA
GetSystemDirectoryW
CreateWaitableTimerA
SetLocalTime
IsDBCSLeadByteEx
DeleteCriticalSection
CreateThread
GetStartupInfoW
GetFileType
SuspendThread
QueryDosDeviceW
OpenEventW
MoveFileExW
LockResource
GetFileAttributesA
GetSystemWindowsDirectoryA
GetTempPathW
CompareFileTime
GetTimeFormatA
CreateFileMappingW
RaiseException
IsBadStringPtrW
VirtualQuery
GetACP
SearchPathW
lstrcmpiW
GetCurrentThreadId
GetVersionExW
lstrcpyW
LoadLibraryW

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 1024B - Virtual size: 593B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

954407c124a70039e7b5255e8b25d883

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 111B

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 91B

.run Size: 1024B - Virtual size: 593B

.0dat Size: 105KB - Virtual size: 104KB

.data Size: 3KB - Virtual size: 2KB

.ram Size: - Virtual size: 123KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 111B

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 91B

.run
Size: 1024B - Virtual size: 593B

.0dat
Size: 105KB - Virtual size: 104KB

.data
Size: 3KB - Virtual size: 2KB

.ram
Size: - Virtual size: 123KB

.rsrc
Size: 2KB - Virtual size: 1KB