daf9cd83825b59fba202d154e99e76b8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

daf9cd83825b59fba202d154e99e76b8_JaffaCakes118
Size

218KB
MD5

daf9cd83825b59fba202d154e99e76b8
SHA1

25cbaa61b33d11fe43c2107ddb11bad443a467c5
SHA256

1049dbd28141cdd35da23e06b8e43d5eb5f8156cf5b24dd9892f6372d5de6bd0
SHA512

f3cf66d588f9cfb26e4353547ce926113b34ffb1fffdd13eb6fc2dd2948388160a4f8cb30d89b1de0e67262b330de1a8c09530d69dd75b902ce03bfb503b41a3
SSDEEP

3072:dgjJ80MnN8EFumgj+0vYMw6NoI/uTsdatnlSi+ngEFH3n5ueAoJnEG4a2aLf/4uP:dgj2N8heT6NLMsWgp5ZseAq4aL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daf9cd83825b59fba202d154e99e76b8_JaffaCakes118

Files

daf9cd83825b59fba202d154e99e76b8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

36efdf1f9b5caf0927ee216f7f5767f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\iMNjvRYQbwgxp\vKZShnEqw\cjrtfkPDvpcKk\xboVfAqxhfNcxK.pdb

Imports

gdi32

GetROP2
LineTo
AddFontResourceW
EnumFontFamiliesExW
CreateBrushIndirect
MoveToEx
CreateBitmap
BeginPath
GetFontData
GetTextColor
EndPage
CreateHalftonePalette
StretchBlt
Ellipse
SelectObject
CombineRgn
CreatePatternBrush
CreateFontIndirectA
ExcludeClipRect
Rectangle
TextOutW
CreateRectRgn
LPtoDP
CreateFontW
Polyline
EndPath
SetBkColor
CreateDIBSection
ExtTextOutA
GetObjectA
RestoreDC
BitBlt
CreateSolidBrush
GetDeviceCaps
StretchDIBits

msvcrt

mbtowc
atol
_controlfp
wcschr
fgets
srand
setvbuf
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_acmdln
exit
wcstoul
_ismbblead
wcstok
_XcptFilter
vswprintf
towupper
iswalpha
qsort
clearerr
fputc
_exit
_cexit
__setusermatherr
strtol
iswdigit
fprintf
mktime
__getmainargs
wcslen
wcscspn
strrchr
strncmp
ungetc
iswspace
wcscat

user32

ArrangeIconicWindows
WaitForInputIdle
CharUpperA
IsZoomed
GetKeyboardType
CreatePopupMenu
OpenInputDesktop
DrawAnimatedRects
TranslateAcceleratorA
DefWindowProcA
GetTopWindow
CreateAcceleratorTableW
wvsprintfA
InsertMenuA
LoadMenuA
InsertMenuItemW
ValidateRect
PtInRect
GetClassLongA
EnableScrollBar
BeginPaint
CharNextExA
PostThreadMessageW
SetSysColors
GetClassInfoW
DrawStateA
SetCursorPos
FindWindowExW
SetTimer
LoadCursorA
GetDesktopWindow
LoadBitmapW
TranslateAcceleratorW
CreateDialogParamW
DestroyMenu
IsCharAlphaNumericW
CopyRect
SetPropW
SetScrollPos
LoadAcceleratorsW
DrawFrameControl
InvalidateRgn
CreateIconFromResource
InSendMessageEx
RegisterClassExA
SetActiveWindow
CharLowerBuffW
InvertRect
CharToOemW
GetNextDlgGroupItem
PeekMessageA
CharUpperW
DestroyIcon
DeferWindowPos
CharToOemA
IsCharAlphaW
OemToCharA
DestroyCursor
DeleteMenu
ClipCursor
DestroyAcceleratorTable
GetMessageExtraInfo
OpenDesktopW
ReleaseDC
GetClassInfoA
SystemParametersInfoA
PostThreadMessageA
FillRect
SendNotifyMessageW
EqualRect
CreateMenu
IsDialogMessageW
GetMenuItemCount
ChildWindowFromPoint
GetWindowLongA
VkKeyScanW
ChangeMenuW
MapDialogRect
LoadCursorW
SetRectEmpty
GetDoubleClickTime
CascadeWindows
SendDlgItemMessageA
MapVirtualKeyW
GetClassInfoExW
IsDialogMessageA
IsWindowEnabled
SetWindowLongW

comctl32

CreateToolbarEx
ImageList_Remove
ImageList_AddMasked
ImageList_LoadImageW
CreateStatusWindowW

kernel32

CreateEventW
OpenSemaphoreW
RaiseException
FindFirstFileA
CreateRemoteThread
SetSystemTimeAdjustment
IsBadReadPtr
RemoveDirectoryW
HeapUnlock
GetTempPathA
lstrcpynW
TlsSetValue
GetFileType
GetCommModemStatus
GetLocaleInfoW
FindResourceW
GetTimeFormatA
lstrlenW
lstrcpyW
HeapFree
GetNumberFormatA
CreateDirectoryW
FormatMessageA
IsValidLanguageGroup
GetModuleFileNameW
MapViewOfFile
MoveFileA
CreateEventA
CreateSemaphoreW
IsBadWritePtr
GetExitCodeThread
SizeofResource
GetSystemWindowsDirectoryW
GetCommandLineW
lstrcmpA
QueryDosDeviceW
GetFileSize
SetThreadAffinityMask
GetOEMCP
OpenFileMappingA
GetHandleInformation

Exports

Exports

?FreeHeightEx@@YGXD&U
?OptionW@@YGIG&U
?GetWindowInfoOld@@YGPAEPAI&U
?GlobalRectOriginal@@YGM_NK&U
?DeleteStateOriginal@@YGEPAJ&U
?KillSection@@YGDPAMHFPAD&U
?LoadSystemEx@@YGDPAIPAJDH&U
?LoadModule@@YGEGPAGPAMI&U
?RemoveComponent@@YGDG&U
?PutStringExA@@YGPAHDNJPAD&U
?InvalidateScreenW@@YGIPAH&U
?HideWindowExW@@YGGNKF&U
?GenerateMediaTypeOld@@YGFD&U
?FormatFunctionW@@YGPAXPAI&U
?GetWidthExA@@YGHDJ&U
?GetHeaderOriginal@@YGDJ&U
?FreeDataW@@YG_N_ND&U
?KillAnchorOld@@YGPAIED&U
?InstallWindowExA@@YGDF&U
?SetStateEx@@YGXPAE&U
?RtlOptionOriginal@@YGFPAIPAH&U
?OnDataNew@@YGPADPAGME&U
?ModifyTimeEx@@YGFFG&U
?IsNotConfigEx@@YGKPAIJK&U
?FreeComponentEx@@YGXPAM&U
?ShowPenOld@@YGHDN&U
?DecrementProviderEx@@YGFF&U
?LoadProjectOriginal@@YGPAMPAHMPAKF&U
?CrtMutexExW@@YGHPAI&U
?CrtMediaTypeEx@@YGPAJDIPAKD&U
?EnumThreadOriginal@@YGDJJDI&U
?SetMemoryNew@@YGPAFMF&U
?HideFunctionEx@@YGDPAEHJM&U
?EnumExpressionOriginal@@YGGPA_NFJ&U
?GlobalPointerExA@@YGXPAIMJ&U
?DecrementMemory@@YGEMPADI&U

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36efdf1f9b5caf0927ee216f7f5767f4

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

user32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.imdat Size: 1024B - Virtual size: 852B

.edata Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 58KB

.rsrc Size: 109KB - Virtual size: 109KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 84KB - Virtual size: 83KB

.imdat
Size: 1024B - Virtual size: 852B

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 58KB

.rsrc
Size: 109KB - Virtual size: 109KB

.reloc
Size: 2KB - Virtual size: 1KB