ddd6d2cd26d797907b512dca92aad607_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ddd6d2cd26d797907b512dca92aad607_JaffaCakes118
Size

189KB
MD5

ddd6d2cd26d797907b512dca92aad607
SHA1

d32bbd52cdbb058aab5d564c577fcac3c2bc7a32
SHA256

35c1d5f7cacf94de4343f114f13cabfb0079ddef924def871edd50d5a5d7ea00
SHA512

ca7a54704ec409b2f94cbc5db8bd42651c7275cfe7b446c708117b1b4aeb46b54a37a687d6f8d05bf6620f9b11a2ed36bacb204b792308bf71a928f10bc98c2c
SSDEEP

3072:sM1RxL8PoGsFd7PvpmTqzWo4nLFa6hdhtEHhtqm6qzK9/rMeirqN2YiN:j/LTv314nLjdhtEBtqm6fQeirg2Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddd6d2cd26d797907b512dca92aad607_JaffaCakes118

Files

ddd6d2cd26d797907b512dca92aad607_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d915b6b87bd6717fa942187782a2b5eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\oxwDarwilxKwwV\HqijbUWd\jjyDHiEdnP\tMGvdNbsBTgl\qgnXnlDfbxPJM.pdb

Imports

gdi32

GetCurrentObject
SetDIBitsToDevice
CreateBitmapIndirect
StretchBlt
CreateRectRgnIndirect
RoundRect
SetROP2
CreateBrushIndirect
EnumFontFamiliesW
StartPage
PathToRegion
GetDeviceCaps
RestoreDC
BitBlt
EnumFontsW
GetTextColor
CreateCompatibleDC
UnrealizeObject
CreateRectRgn
DeleteObject
GetCharWidth32W
EndPage
StretchDIBits
ScaleWindowExtEx
SetMapMode
SelectObject
GetViewportOrgEx
SetPaletteEntries
CreateFontA
WidenPath
AddFontResourceW
ExtTextOutA
LineTo
CreateHatchBrush
SetStretchBltMode
PtVisible
SetBitmapBits
TextOutW
ResizePalette
GetTextExtentPoint32A
PatBlt
GetStockObject
SetWindowExtEx
CreateCompatibleBitmap
GetTextAlign
GetTextFaceW
GetRgnBox
GetTextCharsetInfo
GetPaletteEntries
GetMapMode
GetPixel

shlwapi

StrChrIA

msvcrt

ungetc
clock
_controlfp
fwrite
clearerr
__set_app_type
__p__fmode
towlower
wcsstr
gets
fgetc
qsort
__p__commode
remove
strpbrk
getenv
setvbuf
_amsg_exit
putc
wcsrchr
_initterm
isdigit
_acmdln
swprintf
exit
iswprint
strspn
isxdigit
sscanf
strtok
_ismbblead
_XcptFilter
srand
malloc
wcstok
fprintf
wcscpy
rand
vsprintf
ftell
_exit
_cexit
wcscat
wcscspn
sprintf
fclose
__setusermatherr
__getmainargs

kernel32

GlobalSize
ConvertDefaultLocale
CopyFileW
DeviceIoControl
CreateFileMappingA
GetStdHandle
UnlockFile
SetSystemTimeAdjustment
GetFileAttributesA
IsBadStringPtrW
LoadLibraryA
WaitForMultipleObjects
IsBadReadPtr
DeleteFileA
GlobalGetAtomNameW
UnhandledExceptionFilter
DuplicateHandle
HeapReAlloc
LoadResource
SetFileAttributesW
GetLocalTime
GetCommModemStatus
GetUserDefaultUILanguage
TerminateThread
GetWindowsDirectoryA
GetFileSize
lstrcpynA
WriteFile
LockFile
HeapFree
TransactNamedPipe
FindResourceExW
IsBadWritePtr
SetThreadContext
FlushFileBuffers
FindClose
GlobalFindAtomW
GlobalMemoryStatusEx
GetThreadPriority
lstrlenA
GetModuleHandleA
OpenFileMappingA
VirtualFree
lstrcmpiA
GetFileAttributesExW
GetCommandLineA
ReadFile
FindResourceExA
CopyFileA
CreateFileA
EscapeCommFunction
GetModuleFileNameA
SetCommState
IsValidLocale
GetTimeZoneInformation
OpenEventA

user32

GetDoubleClickTime
CreateCursor
SetUserObjectInformationW
ClientToScreen
CallWindowProcA
CopyRect
GetWindowPlacement
EndPaint
RegisterWindowMessageW
SetParent
IsCharUpperA
UnloadKeyboardLayout
IsIconic
GetClientRect
SetForegroundWindow
LoadStringW
DrawTextExW
GetWindowLongA
GetMenuState
CascadeWindows
BeginPaint
GetMenuStringW
GetMonitorInfoW
LoadMenuA
GetKeyState
IsChild
InsertMenuW
DialogBoxIndirectParamW
GetForegroundWindow
DispatchMessageA
GetTopWindow
GetKeyboardType
GetDlgCtrlID
mouse_event
GetMenu
SetCursor
OpenDesktopW
SetScrollPos
CloseDesktop
ReleaseDC
SetDlgItemTextW
IsWindowEnabled
SetWindowTextA
ChildWindowFromPointEx
FillRect
SendMessageTimeoutA
ClipCursor
TranslateAcceleratorA
RegisterClassExW
IsDlgButtonChecked
PeekMessageA
GetCursorPos
GetMenuCheckMarkDimensions
GetClassLongW
GetUserObjectInformationW
wvsprintfA
GetNextDlgTabItem
AppendMenuA
CharUpperA
GetDC
GetMessageTime
GetScrollPos
CreateDialogParamA
ValidateRect
HideCaret
GetWindowLongW
DeferWindowPos
DefWindowProcW
SendDlgItemMessageA
DispatchMessageW
SetTimer
GetKeyNameTextW
MonitorFromPoint
MessageBoxExW
SendMessageTimeoutW
WaitForInputIdle
GetCaretPos
GetParent
GetWindowTextA
SetMenuItemInfoW
IsCharAlphaW
SetMenuItemBitmaps
FindWindowA
LoadBitmapW
CharLowerA
OemToCharBuffA
DestroyCursor
SetRect
SetWindowPlacement
MessageBoxW
InSendMessageEx
GetMenuItemRect
MoveWindow
CharNextExA
CheckMenuRadioItem
EnumThreadWindows
CharNextA
AllowSetForegroundWindow
FindWindowW
GetKeyboardLayoutNameW
MapVirtualKeyExW
PostMessageW
RegisterClassExA
AttachThreadInput
GetMenuItemCount
SwitchToThisWindow
GetClassLongA
ActivateKeyboardLayout
ReplyMessage
IsZoomed
MessageBoxA
OpenIcon
CreatePopupMenu
DialogBoxParamA
DialogBoxIndirectParamA
PostQuitMessage
BeginDeferWindowPos
IsCharLowerA
DefWindowProcA
GetClassInfoA
SetDlgItemTextA
CreateAcceleratorTableW

Exports

Exports

?CallDataNew@@YGPAXHEEF]A
?DeleteListItemExW@@YGPAJD]A
?IsNotDirectoryExA@@YGX_NNPA_NPAF]A
?ShowWindowEx@@YGPA_NPAIPAHPAHJ]A
?KillDirectoryA@@YGFPAKFIF]A
?IsValidTextOriginal@@YGFJD]A
?DecrementDataNew@@YGGD]A
?InvalidateFolderNew@@YGXJFPAMPAI]A
?ModifyTextOld@@YGPAEEPAN]A
?LoadPointerA@@YGGPAGMI]A
?SetDevice@@YGXHH]A
?GetHeightNew@@YGPAHPAKJG]A
?GenerateMediaTypeExA@@YGEPAFED]A
?FreeHeader@@YGIPAEMM]A
?CrtDialogOriginal@@YGXPAJ_NK]A
?CloseProjectOriginal@@YGEJ]A
?CancelDialogOld@@YGMMPAK]A
?GetProfile@@YGKD_NG]A
?DateTimeA@@YGXIKPAEPAM]A
?ClosePointOld@@YGXI]A
?IsValidTimer@@YGGE]A
?KillPointerExW@@YGIJD]A
?PutScreenW@@YGFGI]A
?KillPathA@@YGNNPAMPAFH]A
?DestinationSysCounterDnDHuuey@@YGKGHE@Z
?ShowTask@@YGJPAKFI]A
?KillListItemOld@@YGPAXGMPAN]A
?SetSizeExA@@YGPADPADH]A
?CopyCommandLineEx@@YGDIPAEDPAJ]A
?GetTextA@@YGGKIPAE]A
?AddFolderW@@YGMFG]A
?PutPenA@@YGJPAFFPA_NH]A
?DeleteHeightExA@@YGDPAJPAKPAI]A
?EnumComponentNew@@YGHH]A
?DeleteSectionNew@@YGPAFKI]A
?ShowPointer@@YGPAJPAKGPAM]A
?ValidateListItemExA@@YGHPAKH]A
?FilePathA@@YGXEGPAH]A
?IsNotVersionOld@@YGPAFPAENGD]A
?CallMediaTypeOld@@YGPAEPAEPAJGH]A
?GlobalDirectoryNew@@YGPAFPAE]A
?HideSizeNew@@YGKM]A
?DeleteStringA@@YGPAHDEE]A
?IsPointOld@@YGPAKK]A
?RtlValueA@@YGXIFPADM]A
?KillValueEx@@YGI_NFD]A
?KillThreadEx@@YGNF]A
?FreeThreadA@@YGPANFFPAK]A
?FreeSystemEx@@YGMINPAE]A
?IncrementSemaphoreA@@YGIPAKPAHF]A
?HideDialogExA@@YGKPAJ]A
?GetAnchorA@@YGMDKF]A
?FormatMonitorEx@@YGPANPAMDPAM]A
?CloseHeaderEx@@YGXNHPAE]A
?InsertWidthA@@YGPAJK]A
?AddMutexOld@@YGXFKPADD]A
?FilePath@@YGPAXPAKPAI]A
?CloseSize@@YGMFPAI]A
?GenerateMutex@@YGHFPAIK]A
?DeleteStringOld@@YGPAJPAIN]A
?CloseDataExW@@YGFEJPAM]A
?CrtFolderW@@YGXH]A
?IsValidWindow@@YGPA_NPAF]A
?LoadFullNameExA@@YGXF]A
?ValidateExpressionExW@@YGPAHKPAK]A
?FindTimerOriginal@@YGFPA_NGPAE]A
?FormatStateExW@@YGPAXPAJG]A
?ModifyVersionExA@@YGPAFD]A
?SemaphoreEx@@YGFPAEJ]A
?InvalidateMessage@@YGGGM]A
?PutPointEx@@YGXGKPAEPAG]A
?KillSystemExW@@YGDPAFPAHFPAE]A
?AddComponentA@@YGPAXF]A
?LoadSemaphoreW@@YGMGPAH]A
?ValidateArgumentW@@YGXPAKE]A
?CrtSemaphoreOld@@YGMKK]A
?OnKeyboardExW@@YGPAFHHPAJ]A
?IncrementFolderPath@@YGDMEJE]A
?String@@YGIDI]A
?EnumScreenExW@@YGFPAJJ]A
?FindFunctionW@@YGIJ]A
?ValidateDialogEx@@YGXPAGKPAG]A
?GetKeyNameOriginal@@YGDD]A
?ValidateMonitorW@@YGJJPANG]A
?ValidateDataExA@@YGXPAIIGPA_N]A
?FreeCommandLineExW@@YGKGPAF_N]A
?IncrementPointOld@@YGDPAEFKK]A
?CancelRectA@@YGPAMHPAIGJ]A
?ValidateList@@YGN_NGPAI]A
?CallAnchorExA@@YGNEI_NH]A
?CopyFolderPathA@@YGIEPAFFJ]A
?InvalidateAppNameW@@YGNPAJPAMPAEPAJ]A
?RemoveKeyNameOriginal@@YGMI]A
?IncrementCommandLineNew@@YGHJMPAMG]A
?FindAppNameNew@@YGDGDD]A
?IsValidCommandLineW@@YGX_NHE]A
?SetSemaphoreNew@@YGIDPAGJ]A
?ValidateKeyNameOld@@YGJPAE]A
?InvalidateKeyName@@YGGPAFJ]A
?EnumDateOriginal@@YG_NPAGDE]A
?ModifyValueEx@@YGEEPAGPAGPAF]A
?CloseScreenExW@@YGXJD]A
?IncrementFolderPathEx@@YGJIPAH]A
?RemoveCommandLineW@@YGMFJF]A
?CrtListNew@@YGKFGPAGH]A
?GlobalSemaphoreExA@@YGXF]A
?ModifyProjectEx@@YGMEPAIPAM]A
?OnDirectoryNew@@YGHPAJDPAE]A
?CancelMonitorExW@@YGXFPAGN]A
?HidePathExW@@YGXPAIE]A
?OnDataExW@@YGNEPAIJ]A
?ScreenExW@@YGPAMPAMKPAD]A
?InvalidateSemaphoreExA@@YGNPAFIM]A
?IsNotPathW@@YGDD]A
?IsAnchorExW@@YGPAFGPANJM]A
?PutFolderPathExA@@YGFPAMEGE]A
?InstallMonitorExW@@YGFD]A
?IncrementString@@YGHPAHINJ]A
?ValidateTextExA@@YGXIEPAJ]A
?FormatArgumentNew@@YGPAFGG]A
?EnumFileOriginal@@YGFMGI]A
?InvalidateAppNameOld@@YGK_N]A
?DeleteKeyboardEx@@YGPAGPA_N]A
?IncrementDateTimeOriginal@@YGPAE_N]A
?GenerateClassExA@@YGPAJEIPAJ]A
?CancelSemaphoreNew@@YGPANND]A
?SetTaskW@@YGPAXPANNG]A
?FormatPathOld@@YGPADGKJ]A
?KillMutant@@YGPAMMJ]A
?DeleteModuleNew@@YGDM]A
?CopyObjectW@@YGPAFG]A
?GlobalData@@YGPAXPAIDMM]A
?DeleteSizeNew@@YGEKJGM]A
?IsValidExpressionOriginal@@YGGJPAKPAH]A
?EnumPathEx@@YGPAGM]A
?InstallMessageExW@@YGXFDIG]A
?GlobalSectionExA@@YGPAFJPAEPADI]A
?GetCharOriginal@@YGXNE]A
?IsDevice@@YGIG]A
?InsertComponentNew@@YGEPAJPAIPAF]A
?SetFilePathA@@YGPAGPAIMKPAE]A
?IsDataW@@YGM_NJE]A
?FindWindowInfoEx@@YGG_N]A
?HideTimeW@@YGXGPAG]A
?SendFunctionOld@@YGEEDGPAG]A
?IsValidConfigNew@@YGGE]A
?CallList@@YGNPADPAMPADM]A
?SetValueA@@YGHHJ]A
?RemoveScreenExW@@YGPA_NIKPADF]A
?IsNotDialogOriginal@@YGPAMPAEJPAGPAI]A
?ShowFilePathEx@@YGDHD]A
?FreeTaskA@@YGKPAD]A
?FindProjectA@@YGHHK]A
?AddCommandLineA@@YGPADPAF]A
?GlobalStateOld@@YGPAKPAIPAJ]A
?RtlOptionA@@YGHMMPAEK]A
?DecrementScreenOld@@YGXFPAH]A
?CloseObjectEx@@YGJEPAKE]A
?LoadProviderOriginal@@YGXJ]A
?ModifyFullName@@YGIPAME]A
?ShowExpressionW@@YGNJDF]A
?ModifyMutexExW@@YGXPAJMHPAD]A
?FreeMessageA@@YGPAGIPADK]A
?IsValidTextOld@@YGDK]A
?EnumSizeEx@@YGXHFPAEK]A
?EnumSemaphoreExW@@YGKNPAHM]A
?ShowMonitorExA@@YGPAKIPAF_NI]A
?ShowMessageW@@YGMPAFPAD]A
?FindProviderExW@@YGIM_NPANH]A
?LoadFilePathEx@@YGPAENEGI]A
?InsertProfileExW@@YGDIHD]A
?FormatListItemEx@@YGNHPAG]A
?CancelFullNameEx@@YG_NHF]A
?CopyValueEx@@YGDPADPAEE]A
?IsNotKeyboardExA@@YG_NJ]A
?SendSystem@@YGFGPAIPAE]A
?FormatProfileOriginal@@YGFFPAHPAFK]A
?CopyTextExA@@YGXGPAHGPA_N]A
?ShowArgumentW@@YGPAKPAHPAMM]A
?PointerNew@@YGEDEIPAJ]A
?ShowHeightOld@@YGPA_NPAJ]A
?CallFileOld@@YGPAXEPAFN]A
?GlobalEventNew@@YGPANJ]A
?Message@@YGFPAD]A
?ValidateMutexExA@@YGPANJ]A
?PutSystemExW@@YGHG]A
?SetTaskOld@@YGJGENPAE]A
?InstallSemaphoreEx@@YGPAKND]A
?DecrementStringOriginal@@YGPAXK]A
?IsValidMutantEx@@YGGD]A
?PutWindowInfoOriginal@@YGFHPAKJH]A
?IncrementArgumentNew@@YGHIPAME]A
?PutStringNew@@YG_NGPAEPADD]A
?SendObjectNew@@YGHJG]A
?RtlWindowW@@YGMPAJ]A
?KillMonitorNew@@YGPAKII]A
?DeleteObjectW@@YGPA_NPAD]A
?KillPath@@YGKEKIPAH]A
?CloseFilePathEx@@YGPANDFF]A
?DeleteProjectW@@YGPAHPADKPAJM]A
?RtlHeaderExA@@YGXGD]A
?SetMemoryW@@YGD_N]A
?AddModuleW@@YGPAIKDGPAD]A
?GenerateListItemW@@YGXF]A
?EnumHeightA@@YGMH]A
?EnumRectA@@YGPAIGPAFG]A
?InstallObjectA@@YGPAHIPAJ]A
?CloseNameExA@@YGPAGKHF]A
?ShowDialogA@@YGEPAJ]A
?GlobalSemaphoreOriginal@@YGPAJN]A
?OnSystemNew@@YGEFIPAD]A
?IncrementDirectoryExW@@YGPAXK]A
?IsNotTimer@@YGPAH_N]A
?SetListItemExA@@YGXN]A
?IsNotAnchorNew@@YGPAE_N]A
?GlobalMutantA@@YGKN]A
?HideModuleExA@@YGXPAFPAKDPA_N]A
?RectExW@@YGPAMKEPAG]A
?LoadSystem@@YGPAIHI_N]A
?GetMutantExW@@YGMEDPAD]A
?InvalidateAnchorExA@@YG_NKK]A
?DeleteScreenOld@@YGGM]A
?GetConfigEx@@YGXJJH]A
?AddText@@YGPAHJIPAMI]A
?DeleteStringExA@@YGMGJ]A
?IsValidThreadA@@YGPAXDKI]A

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zimp
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d915b6b87bd6717fa942187782a2b5eb

Headers

File Characteristics

PDB Paths

Imports

gdi32

shlwapi

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 30KB

.zimp Size: 6KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 249KB

.rsrc Size: 146KB - Virtual size: 145KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 30KB

.zimp
Size: 6KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 249KB

.rsrc
Size: 146KB - Virtual size: 145KB

.reloc
Size: 1KB - Virtual size: 1KB