d0f92505e9a7e1196fc0515513511634_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0f92505e9a7e1196fc0515513511634_JaffaCakes118
Size

216KB
MD5

d0f92505e9a7e1196fc0515513511634
SHA1

9d5ebcc88fdfd000a93e8282ab7d79eacee64d4c
SHA256

36fe6b5a197ce980d4936b50f3a24e63ca7305ad3fe9a9d25a598c0c23af2106
SHA512

ede1dc89f311a030dff5aa64925d747683f83670778dbfbca73571a44bc3ae4853269a8ef7a189c51982cf85131d9d6d62d84d49eac824b441d8fb827673f595
SSDEEP

3072:+7YsOD1Nj53fIflP8p22GhaL5amKRlvUlj6rZV1T30wAVeTkwPgHcGao:+7YjB2p8p228aLDKRlGwZP0wSkkYOcP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0f92505e9a7e1196fc0515513511634_JaffaCakes118

Files

d0f92505e9a7e1196fc0515513511634_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5d52ee9ac215bc788ec98fbb19387ca9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\rdmojzTwWs\ijEbcyrc\JJBdePQr\uvmnduEyrkjpJ.pdb

Imports

user32

GetAsyncKeyState
KillTimer
SetWindowTextW
CreateDialogIndirectParamW
EnableMenuItem
RegisterHotKey
BeginDeferWindowPos
DrawTextExW
SetCursorPos
RegisterClassExA
IntersectRect
DefWindowProcW
GetPropW
DefDlgProcA
GetActiveWindow
DragObject
CreateCaret
EnumChildWindows
HiliteMenuItem
OpenIcon
LoadStringA
GetKeyboardLayoutList
SetDlgItemTextW
IsWindowUnicode
FillRect
ClipCursor
IsDlgButtonChecked
CharLowerW
ScrollWindowEx
ChildWindowFromPoint
DestroyWindow
SetPropW
GetScrollPos
InSendMessageEx
IsWindow
IsIconic
GetSysColorBrush
CreateIconFromResource
IsRectEmpty
CreateMenu
EndDialog
CharUpperBuffW
ExitWindowsEx
GetScrollInfo
GetClassInfoExW
ToUnicodeEx
GetDoubleClickTime
GetDlgCtrlID
DestroyIcon
GetDlgItemInt
GetMenuItemCount
GetTopWindow
GetClassLongA
DrawAnimatedRects
LoadIconW
MonitorFromPoint
IsZoomed
DestroyCaret
CharToOemBuffA
DestroyAcceleratorTable
DrawTextW
DrawStateA
IsChild
GetMessageTime
ShowOwnedPopups
GetWindowTextA
CharPrevA
CharToOemA
SetWindowLongA
LoadMenuW
GetKeyboardType
SetSysColors
MoveWindow
TrackPopupMenu
CharUpperBuffA
DialogBoxIndirectParamA
SendMessageA
SwitchToThisWindow
EqualRect
DispatchMessageA
EnableWindow
SystemParametersInfoW
EnumThreadWindows
SetActiveWindow
CreateAcceleratorTableW
SwapMouseButton
SetTimer

msvcrt

strtok
wcstok
_controlfp
malloc
iswspace
setlocale
iswdigit
__set_app_type
__p__fmode
perror
strpbrk
wcsstr
wcstombs
__p__commode
fwrite
_amsg_exit
fseek
_initterm
_acmdln
fgetc
wcscoll
isprint
ungetc
isupper
exit
_ismbblead
calloc
_XcptFilter
_exit
wcsrchr
printf
_cexit
putchar
isdigit
iswprint
__setusermatherr
__getmainargs
wcstol
fflush

gdi32

StretchDIBits
GetObjectA
GetBitmapBits
SetBitmapBits
CreateFontIndirectW
GetTextExtentPoint32W
PolyBezier
CreatePen
EndPath
FillRgn
OffsetViewportOrgEx
ExcludeClipRect
CreateSolidBrush
SetTextAlign
CreateDIBitmap
RemoveFontResourceW
TextOutW
GetPaletteEntries
LPtoDP
SetViewportOrgEx
SetLayout
Escape
GetCharWidth32W
SetMapMode
GetTextExtentPointW
GetDIBits
CreatePatternBrush
MoveToEx
GetTextExtentExPointW
LineTo
RealizePalette
SetWindowOrgEx
StartDocW
CombineRgn
GetMapMode

comdlg32

ReplaceTextW
GetSaveFileNameA
GetFileTitleW
PageSetupDlgW
GetSaveFileNameW

comctl32

ImageList_Destroy
InitCommonControlsEx
PropertySheetA
DestroyPropertySheetPage
ImageList_GetIcon

kernel32

FileTimeToDosDateTime
LoadLibraryA
GetShortPathNameA
FindFirstFileA
PulseEvent
CreateThread
BuildCommDCBAndTimeoutsW
VirtualAlloc
GetTickCount
CompareStringA
lstrcmpW
WinExec
FindResourceA
GetCPInfo
FindFirstFileW
ExitThread
CompareStringW
GetBinaryTypeA
CopyFileW
UnlockFile
ConnectNamedPipe
GetCurrentDirectoryW
LoadLibraryW
OpenFileMappingA
GetExitCodeThread
GetCurrentThreadId
GetCommProperties
HeapLock
LocalReAlloc
SearchPathW
IsDBCSLeadByte
SetHandleInformation
GlobalFree
GetCommState
IsBadStringPtrW
UnhandledExceptionFilter
GetCommandLineW
GetModuleHandleA
FormatMessageW
GlobalReAlloc
GetDateFormatA

Exports

Exports

?SleepAhHJDud@@YGKEPA_WG@Z
?SleepUDSUDlkdlsds@@YGKEPA_WG@Z
?SleepUDudjkUD@@YGKEPA_WG@Z
?SleepYDyjDuUI@@YGKEPA_WG@Z

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d52ee9ac215bc788ec98fbb19387ca9

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

gdi32

comdlg32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 84KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 1KB - Virtual size: 54KB

.rsrc Size: 107KB - Virtual size: 107KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 85KB - Virtual size: 84KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 1KB - Virtual size: 54KB

.rsrc
Size: 107KB - Virtual size: 107KB

.reloc
Size: 2KB - Virtual size: 1KB