dabc7bb454c1e0c16de3420d9113730c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dabc7bb454c1e0c16de3420d9113730c_JaffaCakes118
Size

1.1MB
MD5

dabc7bb454c1e0c16de3420d9113730c
SHA1

6d6d5302e40c5608e4bcaa6ba6d6340875a1f60a
SHA256

aa041c4421c00d4998e52f42cce4d4bd30a3b76587410ad2b65d223a389463bf
SHA512

1bc9f405e6d1e4dfafbb286dd74ccdf071f563f9890f406419f4a4bc3f1bcf7cc4ce8b9250889bb308018d4af32b242557fc904481f13a31c2e197cdfca30dc3
SSDEEP

24576:7NVVkPkAbdm9Xm2Df9k7Xdfr1Djus4H98lMXXl4EkYQ//uaXn9b:7TVtAb8m2TAVNju5K2Hlvwe49

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dabc7bb454c1e0c16de3420d9113730c_JaffaCakes118

Files

dabc7bb454c1e0c16de3420d9113730c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

459960cb5af5fd8f5c68c6bb0bcbcd06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\nvAeygoqi\jFJslhM\HDcwedfGE.pdb

Imports

shlwapi

UrlIsA

user32

DrawIcon
wsprintfA
FrameRect
SetWindowPos
ValidateRect
TabbedTextOutW
GetWindowPlacement
GetTopWindow
InsertMenuA
DefWindowProcW
IsIconic
DestroyWindow
PostThreadMessageA
InvertRect
GetWindowRect
LookupIconIdFromDirectory
GetMenuCheckMarkDimensions
IntersectRect
AllowSetForegroundWindow
ShowWindow
MonitorFromRect
KillTimer
GetCaretPos
SetParent
SetUserObjectInformationW
SetMenu
CharToOemA
GetAltTabInfoA
ScrollWindow
LoadCursorW
ReleaseDC
DefFrameProcA
DestroyCaret
GetNextDlgGroupItem
GetFocus
IsCharUpperA
ArrangeIconicWindows
GetDlgItemTextW
GetShellWindow
ChildWindowFromPoint
IsZoomed
GetMessageW
OpenDesktopW
SetWindowLongW
CharNextA
OpenInputDesktop
GetMessageA
GetMenuItemInfoW
AppendMenuW
wsprintfW
EqualRect
ChildWindowFromPointEx
GetClassInfoExW
GetSysColor
InvalidateRect
GetClassInfoA
CreateWindowExW
OemToCharBuffA
AppendMenuA
LoadStringA
GetScrollPos
IsDialogMessageA
GetMenuStringA
SetWindowPlacement
MapVirtualKeyA
MapWindowPoints
SetCursorPos
DestroyMenu
GetActiveWindow
GetWindow
HiliteMenuItem
GetKeyboardLayoutNameW
BeginDeferWindowPos
ToUnicodeEx
SetWindowTextW
WaitMessage
SetForegroundWindow
CloseDesktop
CascadeWindows
LoadCursorA
GetMessageTime
SendDlgItemMessageA
MessageBoxA
CreateIconFromResource
GetClassNameW
GetWindowLongA
MapVirtualKeyW
GetUserObjectInformationA
GetMenuItemID
SetRect
EnableMenuItem
LoadIconW
SetScrollPos
CharUpperBuffA
CallWindowProcW
CheckMenuRadioItem
GetDC
DefFrameProcW
WindowFromPoint
GetMessageExtraInfo
GetUpdateRgn
GetClassLongW
ActivateKeyboardLayout
DrawAnimatedRects
EnableScrollBar
DragObject
SendMessageTimeoutA
GetMenuState
TranslateMessage
CharLowerBuffW
LoadMenuA
GetClassLongA
SendNotifyMessageW
EndPaint
FindWindowExW
VkKeyScanW
UpdateWindow
IsCharAlphaW
CopyRect
CreateCaret
RegisterHotKey

msvcrt

_controlfp
__set_app_type
__p__fmode
clock
isupper
strcspn
fputc
printf
fgetc
__p__commode
_amsg_exit
strerror
_initterm
wcscoll
localtime
towlower
wcscmp
wcscat
gmtime
ftell
qsort
iswxdigit
atol
wcsstr
ungetc
wcstok
_ismbblead
gets
towupper
_XcptFilter
_exit
_cexit
fprintf
wcschr
vswprintf
strtoul
__setusermatherr
swscanf
strcoll
vsprintf
__getmainargs
realloc
strchr
malloc
wcsrchr
exit
toupper

kernel32

CompareFileTime
HeapLock
DefineDosDeviceW
GetVersionExA
GetModuleFileNameA
HeapFree
UnmapViewOfFile
FindResourceW
GlobalMemoryStatusEx
RegisterWaitForSingleObject
GetSystemDirectoryA
GetOverlappedResult
LockFile
GetNumberFormatA
CreateWaitableTimerA
FreeLibrary
GetHandleInformation
QueryPerformanceCounter
GetTempFileNameW
GlobalDeleteAtom
GetStringTypeExW
GetCurrentDirectoryW
lstrcpynW
HeapAlloc
FindFirstFileA
WaitForSingleObject
GetCommProperties
LoadLibraryA
GetComputerNameExA
SetHandleInformation
GetTimeFormatA
lstrcatA
GetProcessHeap
SetEndOfFile
IsBadCodePtr
AddAtomW
GetSystemDefaultLangID
GlobalLock
lstrcpyA
WaitCommEvent
GetComputerNameA
FileTimeToLocalFileTime
lstrlenW
CopyFileW
CompareStringA
RemoveDirectoryA
GetDateFormatW
GetFileAttributesExA
EnterCriticalSection
ReleaseSemaphore
GetLongPathNameW
EnumSystemLocalesA
FlushViewOfFile
SetLocalTime
GetModuleHandleW
GetCommTimeouts
MulDiv

Exports

Exports

?BinaryRedirectNetDYuyhDBH@@YGKGE[D

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

459960cb5af5fd8f5c68c6bb0bcbcd06

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 4.1MB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 4.1MB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 2KB - Virtual size: 1KB