de836b4de457bef02feb79c812fd22a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de836b4de457bef02feb79c812fd22a4_JaffaCakes118
Size

145KB
MD5

de836b4de457bef02feb79c812fd22a4
SHA1

1c515afb5d08e615e9fa7674a859d74051765e27
SHA256

84297ebbd6b6d32843760fc4aec36a9d5df281df1340ade3e0a8a0857b474444
SHA512

9d38d59bbe83ed8ac610ab86d4489b8115a170b9b6647100fd2127d839a7afd65ad04ca9de3108d898d963cf2e262003f3df81048e01a61344e8aa48f9c6eb90
SSDEEP

3072:rMi736pDQ82Ihtp/QTTkyMPNDeplw83LMslAM7C5WUqWEBVbbdds:rj36pHhzI0yMFiXP3LMslAM7CbqW4r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de836b4de457bef02feb79c812fd22a4_JaffaCakes118

Files

de836b4de457bef02feb79c812fd22a4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c03828add0bd5e53f706dc67e0032431

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\Llgerkm\ydxfjmmm\erhvifgdauvkA.pdb

Imports

msvcrt

wcspbrk
fread
strcspn
_controlfp
__set_app_type
bsearch
__p__fmode
realloc
towlower
__p__commode
_amsg_exit
_initterm
_acmdln
atoi
strtol
malloc
exit
strchr
isupper
_ismbblead
_XcptFilter
wcsncpy
_exit
_cexit
__setusermatherr
__getmainargs

shlwapi

StrNCatW

user32

CopyRect
CharToOemA
RegisterClassA
TileWindows
MapWindowPoints
DrawEdge
LoadMenuW
GetMenu
DispatchMessageA
AdjustWindowRectEx
CharLowerBuffW
LookupIconIdFromDirectory
GetUserObjectInformationW
SetMenu
IsCharAlphaNumericA
MessageBoxW
DrawIconEx
SetWindowRgn
HideCaret
GetClientRect
SetActiveWindow
DestroyCaret
SetClassLongW
AllowSetForegroundWindow
CallWindowProcW
GetKeyboardLayoutNameW
MessageBoxExW
SetScrollPos
SetScrollInfo
MonitorFromPoint
InflateRect
GetDCEx
CreateDialogParamW
GetClassLongA
DrawFrameControl
ModifyMenuW
ScrollWindowEx
GetNextDlgTabItem
IsChild
IsRectEmpty
AdjustWindowRect
UpdateWindow
IsDialogMessageA
RedrawWindow

gdi32

GetViewportOrgEx
GetTextExtentPointW
WidenPath
GetTextMetricsA
ExtTextOutA
SetViewportExtEx
CreateFontIndirectW
SetBkMode
CreateEllipticRgnIndirect
RemoveFontResourceW
IntersectClipRect
SetDIBits
StretchBlt
GetPaletteEntries
DPtoLP
SetPaletteEntries
GetCurrentObject
CreateCompatibleDC

kernel32

HeapWalk
EnterCriticalSection
GlobalAddAtomA
GetCurrentThread
CreateFileMappingA
SetThreadLocale
MoveFileW
DisconnectNamedPipe
TryEnterCriticalSection
IsBadWritePtr
IsValidLanguageGroup
ConnectNamedPipe
GetCurrentDirectoryW
GetCommandLineW
lstrcatW
Sleep
TerminateThread
CreateDirectoryW
LoadResource
UnmapViewOfFile
GetStartupInfoA

Exports

Exports

?FreeFilePath@@YGKGEPAGPAD*Z
?CloseTimerExW@@YGPAGPAJMGM*Z
?KillTimerW@@YGJPAFPAKPAJJ*Z
?CallTimeA@@YGPANPAIGJ*Z
?OnFolderNew@@YGHPAMID*Z
?GenerateDialogEx@@YGMPAJ*Z

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idir
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edir
Size: 512B - Virtual size: 390B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdir
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c03828add0bd5e53f706dc67e0032431

Headers

File Characteristics

PDB Paths

Imports

msvcrt

shlwapi

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 116KB

.itext Size: 512B - Virtual size: 460B

.idir Size: 2KB - Virtual size: 2KB

.edir Size: 512B - Virtual size: 390B

.vdir Size: 512B - Virtual size: 140B

.pdir Size: 512B - Virtual size: 140B

.data Size: 2KB - Virtual size: 90KB

.sdir Size: 13KB - Virtual size: 13KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 116KB - Virtual size: 116KB

.itext
Size: 512B - Virtual size: 460B

.idir
Size: 2KB - Virtual size: 2KB

.edir
Size: 512B - Virtual size: 390B

.vdir
Size: 512B - Virtual size: 140B

.pdir
Size: 512B - Virtual size: 140B

.data
Size: 2KB - Virtual size: 90KB

.sdir
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB