d46056a611b5bb2f9a27a79cc5b39ef0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d46056a611b5bb2f9a27a79cc5b39ef0_JaffaCakes118
Size

212KB
MD5

d46056a611b5bb2f9a27a79cc5b39ef0
SHA1

92b16ddf9d7975a3920c2002250eb3fcbfc154a0
SHA256

a879119ebdcc8a3eaa7aa29547fd2e203f002f2e19b4a400a28a3f8945401bc6
SHA512

cc6cf8339136c9d6357e0299ad6db1535fbd45a3d5762a2f8279685fd229cabc864d20d6854483c585a149e14ca4c19c27fd5a400887a75655dacd91761e5698
SSDEEP

3072:WPsZ9Gfl9D9r4z6gjesHZnRJtf750pxvjSDKRyOOVU3l81yrCby/p5/VR0fXNtae:AmGPGbnJtf75KvjSG0HIl7wyx59Gf8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d46056a611b5bb2f9a27a79cc5b39ef0_JaffaCakes118

Files

d46056a611b5bb2f9a27a79cc5b39ef0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7e7101ec6302199345b9033b785ed378

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\otzhrZnqqvdey\xYPDTjxdwqAxks\boiJIlmQ\vyVjxRiVccrk\xebLodhau.pdb

Imports

msvcrt

_controlfp
__set_app_type
strtok
strchr
wcstoul
perror
wcstod
__p__fmode
wcscpy
strspn
wcsncpy
__p__commode
_amsg_exit
isalnum
strpbrk
fputc
time
isprint
_initterm
_acmdln
strtoul
towupper
wcslen
gmtime
atoi
exit
_ismbblead
strncmp
getenv
gets
fgetc
_XcptFilter
wcspbrk
fseek
_exit
_cexit
__setusermatherr
remove
mktime
__getmainargs

comctl32

ImageList_Remove
ImageList_AddMasked
ImageList_Create
ImageList_GetImageCount
ImageList_Destroy

user32

DestroyCursor
GetDesktopWindow
MapWindowPoints
DestroyIcon
EnumThreadWindows
PostThreadMessageA
CopyAcceleratorTableW
CheckRadioButton
GetWindowDC
SetScrollInfo
DrawIcon
wsprintfA
GetMenuState
CloseDesktop
GetClassInfoExA
CharPrevA
GetMessageW
IsIconic
InsertMenuItemW
wsprintfW
CharToOemA
GetDCEx
IsWindowVisible
MapVirtualKeyExW
FillRect
GetWindowRect
SendDlgItemMessageW
EnumChildWindows
DestroyWindow
RegisterClassW
GetNextDlgGroupItem
DialogBoxParamA
IsDialogMessageW
GetActiveWindow
GetDialogBaseUnits
ReplyMessage
FindWindowExA
LoadMenuW
GetSystemMetrics
GetKeyboardLayout
GetIconInfo
GetClassInfoA
GetWindowLongW
SetMenu
VkKeyScanW
GetWindowTextA
DragObject
IsRectEmpty
GetWindowTextLengthW
MapVirtualKeyA
TranslateMessage
CallWindowProcW
CharLowerBuffW
CreateCursor
PostThreadMessageW
GetMenuItemID
GetUpdateRgn
DefFrameProcA
RegisterClassExW
GetClientRect
GetDlgItemTextA
CharPrevW
CreateDialogIndirectParamW
GetClassInfoW
PeekMessageA
GetMenuItemRect
CharNextExA
ScrollWindowEx
GetMessageTime
InvalidateRect
EndTask
keybd_event
MapDialogRect
CopyRect
CascadeWindows
GetTopWindow
ShowOwnedPopups
RemovePropW
SetWindowLongW
GrayStringW
GetForegroundWindow
IsCharAlphaNumericW
UpdateWindow
IsCharUpperA
GetLastActivePopup
FrameRect
GetMenuItemInfoW
IsWindow

gdi32

CreateRectRgn
CreateBrushIndirect
GetWindowOrgEx
SetBitmapDimensionEx
GetCharWidth32W
EnumFontFamiliesExW
CreateFontW
GetNearestPaletteIndex
MoveToEx
SetBkMode
SetPixel
PolyBezier
GetTextExtentPointA
SaveDC
EnumFontFamiliesW
CreatePolygonRgn
GetTextAlign
GetTextExtentPointW
GetObjectW
SetDIBColorTable
BitBlt
OffsetViewportOrgEx
SetWindowExtEx
CreateDIBSection
CreateEllipticRgnIndirect
BeginPath
GetTextColor
DeleteDC
GetPaletteEntries
AddFontResourceW
Rectangle
StartPage
GetMapMode
RestoreDC
StartDocW

kernel32

SetThreadLocale
LocalReAlloc
RaiseException
SetErrorMode
SuspendThread
GetSystemDefaultLangID
HeapAlloc
ClearCommBreak
GetCPInfo
DeviceIoControl
BuildCommDCBAndTimeoutsW
CancelIo
CreateNamedPipeW
GetTempPathA
LCMapStringA
CopyFileA
CloseHandle
SetHandleInformation
SetThreadPriority
GetCurrentThreadId
SetupComm
GetShortPathNameA
LocalLock
GlobalGetAtomNameA
GetFileAttributesA
GetShortPathNameW
GetThreadPriority
GetFileAttributesW
GetFileAttributesExA
FindCloseChangeNotification
DuplicateHandle
GlobalAddAtomA
AddAtomA
IsBadReadPtr
MapViewOfFile
GetACP
CreateDirectoryW
GetAtomNameA
RemoveDirectoryW
GetTickCount
GetCurrentDirectoryW

Exports

Exports

?WaitForMultipleObjectsIUIUDSiuld@@YGKEPA_WG@Z
?WaitForMultipleObjectsJUDiuDLIJU@@YGKEPA_WG@Z
?WaitForMultipleObjectsUYDyudkjh@@YGKEPA_WG@Z
?WaitForSingleObjectYDEyuhgDU6d@@YGKEPA_WG@Z

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e7101ec6302199345b9033b785ed378

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 2KB - Virtual size: 72KB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 67KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 2KB - Virtual size: 72KB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 2KB - Virtual size: 1KB