db315dcac771243a083c701be9448ef3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db315dcac771243a083c701be9448ef3_JaffaCakes118
Size

218KB
MD5

db315dcac771243a083c701be9448ef3
SHA1

cb22c7d3c41a19192cf15a0b4ea058c9ec1f78d3
SHA256

d8a6386aad9b24d89adcfd256e7231c405410f6a80f2087d60dd693c50716220
SHA512

55a393184ca408202bd947e89bca18d9ef666437bd334ec73d6cede8b316e313a213e8e3b3d6674c17d542c1526ca4032dbe53e1b7d500d158d1f9b5a1dab7f3
SSDEEP

6144:MglL8ilO8UgbMhit8HuMi1dL7iVgg+BY:MUjMit8Hn2/iVmBY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db315dcac771243a083c701be9448ef3_JaffaCakes118

Files

db315dcac771243a083c701be9448ef3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cfad7c7033898de361eaa2000f31a69b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\fwAdyDplYjvNOu\fMjqbqSvqppEIw\GswfNiiVnk\zxKUtSmaJp\viiQxevpxQ.pdb

Imports

gdi32

EnumFontFamiliesW
CreateEllipticRgnIndirect
GetRgnBox
ResizePalette
CreateFontIndirectW
PatBlt
GetDIBits
RestoreDC
CreatePalette
GetLayout
BitBlt
CreateRectRgn
IntersectClipRect
GetTextExtentPointW
GetTextExtentExPointW
DeleteDC
GetPixel
SetAbortProc
SetTextColor
StretchBlt
SetDIBitsToDevice
SetTextAlign
SetPaletteEntries
CreateCompatibleBitmap
SaveDC
RealizePalette
EndDoc
CreateDiscardableBitmap
CreatePenIndirect
SetBkColor
CreatePatternBrush
CreateBitmapIndirect
CreateRoundRectRgn
SetViewportOrgEx
GetTextFaceW
Polyline
SetRectRgn
SetBkMode
SetBitmapDimensionEx
SetROP2
WidenPath
PolyBezier
StartPage
CreateCompatibleDC
GetNearestPaletteIndex
CombineRgn

kernel32

GlobalHandle
GetCurrentDirectoryW
SetEvent
GetSystemWindowsDirectoryA
HeapWalk
lstrlenW
CreateEventA
FindNextFileA
GetThreadTimes
lstrcmpA
LoadLibraryW
SetCurrentDirectoryA
GetSystemInfo
CopyFileW
HeapCreate
CancelIo
lstrcmpW
VerifyVersionInfoW
FindResourceA
GetCommConfig
DeviceIoControl
DuplicateHandle
GetSystemWindowsDirectoryW
GetModuleFileNameA
GlobalLock
DisconnectNamedPipe
GetStdHandle
GetShortPathNameW
VerSetConditionMask
GetFullPathNameW
FileTimeToLocalFileTime
FlushFileBuffers
IsBadCodePtr
LocalAlloc
SetThreadPriority
CreateFileA
LeaveCriticalSection
GetProcAddress
FindFirstFileA
GlobalFindAtomW
SetUnhandledExceptionFilter
HeapValidate
GetFileAttributesA
lstrcpyW
CreateThread
ReadFile
GetTimeFormatA
SetCommMask
IsValidLocale
GetLocaleInfoA

user32

SetMenu
GrayStringW
GetDesktopWindow
MapWindowPoints
VkKeyScanW
EnableScrollBar
FindWindowExW
SetScrollRange
DrawFrameControl
LoadBitmapW
GetSysColor
ReleaseDC
GetMenuStringW
InsertMenuA
MessageBoxA
ModifyMenuW
MapDialogRect
CharLowerW
KillTimer
SendDlgItemMessageA
GetDCEx
SetWindowLongW
SetWindowPos
CreatePopupMenu
GetKeyboardType
RegisterWindowMessageW
EnableMenuItem
HiliteMenuItem
GetCursorPos
GetUpdateRgn
LookupIconIdFromDirectory
TabbedTextOutW
GetParent
IsDialogMessageA
UnloadKeyboardLayout
GetFocus
SetMenuDefaultItem
FrameRect
DefDlgProcW
RegisterClassExA
GetMenuItemCount
DeleteMenu
MapVirtualKeyA
CallWindowProcA
MessageBoxExA
GetMessageA
SetCursor
IsCharAlphaNumericW
InternalGetWindowText
GetClassInfoA
GetNextDlgGroupItem
CreateDialogIndirectParamW
RegisterClassA
InvertRect
ShowOwnedPopups
GetWindow
RegisterClassW
MoveWindow
CallWindowProcW
GetDlgItemInt
DialogBoxParamW
GetDlgCtrlID
LoadBitmapA
GetMenuState
MonitorFromPoint
GetDlgItem
GetAsyncKeyState
CreateIconFromResource
EndTask
GetSubMenu
DialogBoxIndirectParamW
GetMessageExtraInfo
CharPrevA
DialogBoxParamA
SetUserObjectInformationW
ChangeMenuW
SetScrollPos
SetDlgItemInt
RedrawWindow
ValidateRect
IsWindow
TranslateMessage
OpenIcon
AppendMenuW
SetWindowTextA
GetWindowPlacement
CascadeWindows
GetScrollInfo
IsWindowVisible
DefDlgProcA
ScreenToClient
RegisterClassExW
wvsprintfW
GetSysColorBrush
LoadCursorA
GetTopWindow
CreateCursor
GetMenuItemID
DefFrameProcW
GetClassNameW
GetClassInfoExA
LoadAcceleratorsA
LoadMenuA
GetWindowTextA
ToUnicodeEx
InSendMessageEx
UpdateWindow
SendMessageW
SendMessageA
CharNextExA

msvcrt

_controlfp
iswctype
wcstok
realloc
ftell
wcspbrk
putchar
fputs
isspace
__set_app_type
calloc
__p__fmode
wcstod
fflush
malloc
time
wcscspn
wcstol
__p__commode
remove
wcsncmp
_amsg_exit
srand
_initterm
_ismbblead
wcscat
_XcptFilter
iswprint
strcspn
_exit
fgets
_cexit
free
mbstowcs
__setusermatherr
islower
fprintf
wcscpy
clearerr
__getmainargs
wcsstr
gets
qsort
fgetc

Exports

Exports

?DecrementProviderExW@@YGPADPAFK]A
?KillPointEx@@YGPA_NH]A

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfad7c7033898de361eaa2000f31a69b

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 192KB

.packed Size: 13KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 192KB - Virtual size: 192KB

.packed
Size: 13KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB