d1741fe8e76d971d4ae68d6f45fc1ea8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1741fe8e76d971d4ae68d6f45fc1ea8_JaffaCakes118
Size

70KB
MD5

d1741fe8e76d971d4ae68d6f45fc1ea8
SHA1

cd535e6ff07636e3f3a892dbd09a05c8f8fab6fa
SHA256

b604b557c251b700cc1b19f7ce9552b3126783c34187c1c21b604c3551a446fd
SHA512

24862ad2df77184066cc5e5265247a224088b4baef0bd5c927185536c1c757b1923b827b1707b32e40c566ccac949db05cfc5301c1c005eb430899b3feb37461
SSDEEP

1536:N7BCuH8P+733aAqBV/oQqmbwnxjTo2uxL+OZ3k/5:LhY+7HavwQqmbCTvu4s3kR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1741fe8e76d971d4ae68d6f45fc1ea8_JaffaCakes118

Files

d1741fe8e76d971d4ae68d6f45fc1ea8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8ba07a61ff72a80b57a444d519356467

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\dtxvogsssI\mqjBcbFsf\xicNesyyq.pdb

Imports

msvcrt

wcspbrk
sscanf
_controlfp
setlocale
towupper
__set_app_type
strpbrk
__p__fmode
wcscpy
vsprintf
iswctype
islower
puts
__p__commode
clearerr
localtime
system
strtoul
_amsg_exit
_initterm
isprint
atoi
setvbuf
isupper
vswprintf
gmtime
isspace
_ismbblead
_XcptFilter
ungetc
_exit
isalnum
bsearch
_cexit
wcsstr
strncmp
wcscmp
getc
strtol
mbstowcs
__setusermatherr
wcstombs
wcscat
fputc
memset
exit
towlower
__getmainargs

shlwapi

PathIsUNCW

comdlg32

GetFileTitleW
CommDlgExtendedError
GetOpenFileNameA
PrintDlgExW
PageSetupDlgW
GetSaveFileNameA

user32

GetDC
DrawFrameControl
AdjustWindowRect
IsWindowEnabled
GetClassInfoExW
ShowWindow
GetLastActivePopup
OpenInputDesktop
ShowWindowAsync
EndPaint
AllowSetForegroundWindow
SetScrollInfo
GetClassInfoW
DefWindowProcA
EnumChildWindows
SetFocus
FindWindowExW
IsIconic
IsMenu
CharUpperBuffW
LoadAcceleratorsW
DefWindowProcW
CreateWindowExW
MessageBoxA
DrawFocusRect
TranslateMessage
TranslateAcceleratorW
CopyImage
CreateDialogParamA
SetForegroundWindow
CheckRadioButton
GetWindow
SetScrollRange
RegisterClassW
SendInput
LoadIconA
DeleteMenu
GetWindowLongW
GetUpdateRgn
GetKeyboardLayoutNameW
MapVirtualKeyA
RemoveMenu
SetTimer
WaitMessage
CreatePopupMenu
SetWindowLongA
MapVirtualKeyExW
SetDlgItemTextA
ReleaseDC
GetForegroundWindow
GetKeyboardLayout
GrayStringW
SetSysColors
MessageBoxExW
CascadeWindows
GetMenu
SetWindowTextA
DrawStateA
ClientToScreen
GetIconInfo
GetClassLongA
CharToOemW
DefFrameProcA
DestroyMenu
IsCharAlphaA
CharLowerW
LoadCursorA
IsCharAlphaNumericW
ChildWindowFromPoint
PostThreadMessageW
TranslateAcceleratorA
CharLowerBuffW
DialogBoxIndirectParamA
SetScrollPos
LoadImageW
DrawTextExW
GetClassInfoA
DialogBoxParamA
AdjustWindowRectEx
ModifyMenuW
InsertMenuA
wvsprintfW
GetActiveWindow
InSendMessageEx
CharLowerA
RegisterWindowMessageA
InsertMenuItemW
GetShellWindow
WindowFromPoint
FindWindowA
ShowScrollBar
CloseDesktop
DialogBoxParamW
CharNextExA
SetDlgItemTextW
GetDCEx
CopyAcceleratorTableW
CharPrevW
CopyRect
IsRectEmpty
LoadAcceleratorsA
CharPrevA
EnumWindows
LoadBitmapW
SendDlgItemMessageW
SetCursor
GetSubMenu
EnableScrollBar
LookupIconIdFromDirectory
GetWindowPlacement
SetWindowLongW
DrawIconEx
ShowCursor
SetPropW
InsertMenuW
IsWindow
GetKeyboardType
GetCaretPos
IsCharLowerA

comctl32

ImageList_Read
CreateStatusWindowW
PropertySheetW
ImageList_Destroy
ImageList_LoadImageW
CreateToolbarEx

kernel32

ReadFile
SleepEx
FoldStringW
LocalFree
GetACP
FileTimeToDosDateTime
HeapAlloc
GetTempFileNameA
OpenEventW
GlobalFlags
HeapFree
GetCommandLineA
GetProcessHeap
GlobalHandle
lstrcatA
CancelIo
EscapeCommFunction
GetProcAddress
SetSystemTimeAdjustment
GetStdHandle
GetThreadTimes
VirtualFree
LocalReAlloc
SearchPathA
ReleaseSemaphore
CreateEventA
FreeResource
WaitForSingleObject
GetCommState
OpenFileMappingA
SetCommState
FindFirstFileA
GetSystemDirectoryA
lstrcmpW
GetSystemTimeAsFileTime
GlobalFree
SetCommBreak
lstrcatW
CreatePipe
FindNextFileW
CopyFileA
CreateEventW
GetCommandLineW
SetEvent
IsBadCodePtr
CreateMailslotW
GlobalCompact
LockResource
GetModuleFileNameA
SetFileAttributesW
WinExec
DeleteFileA
LocalSize
ResetEvent

Exports

Exports

?CalculateStringCapacity@@YGKDDPAX:O

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.align
Size: 1KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.date
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dati
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.char
Size: 1024B - Virtual size: 641B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ba07a61ff72a80b57a444d519356467

Headers

File Characteristics

PDB Paths

Imports

msvcrt

shlwapi

comdlg32

user32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.align Size: 1KB - Virtual size: 36KB

.date Size: 512B - Virtual size: 99B

.dati Size: 6KB - Virtual size: 5KB

.char Size: 1024B - Virtual size: 641B

.odata Size: 13KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.align
Size: 1KB - Virtual size: 36KB

.date
Size: 512B - Virtual size: 99B

.dati
Size: 6KB - Virtual size: 5KB

.char
Size: 1024B - Virtual size: 641B

.odata
Size: 13KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 2KB - Virtual size: 1KB