de8d9beb2169132fcc88a433969bf04c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de8d9beb2169132fcc88a433969bf04c_JaffaCakes118
Size

141KB
MD5

de8d9beb2169132fcc88a433969bf04c
SHA1

49a4be87e8fc00becc45d3885b9b795131040e2e
SHA256

fafce95e4b49bb17f8de6f8e9c302a56480cdc6d9604e7aa99e9cef4e3575de6
SHA512

1fa618b194708ec444d57ef91de655cc592a0272c21fd194089d3385e71995aa08e87fa1fbdd3592e7f9c609cc603a2eec35430c5d63d59561e967566d562e04
SSDEEP

3072:9gnWo2woWNt2+uHd44EDoWcYeR8Kgkdw6/x6CajzT:vo2woG8F6b721fJajz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de8d9beb2169132fcc88a433969bf04c_JaffaCakes118

Files

de8d9beb2169132fcc88a433969bf04c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5d3a4c7f5682c2059db18c2f5d5078c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\txnfkDlekd\guwLfstkaI\MHfmydkID\ifnuOydQhsbv\Dtkpdqfo.pdb

Imports

msvcrt

printf
_controlfp
__set_app_type
__p__fmode
__p__commode
isprint
swprintf
_amsg_exit
iswxdigit
vsprintf
_initterm
_ismbblead
iswdigit
strtoul
strncpy
tolower
ungetc
_XcptFilter
_exit
puts
gmtime
system
realloc
_cexit
wcsncpy
swscanf
wcscpy
__setusermatherr
isalpha
isupper
fputc
__getmainargs
wcstod
calloc
iswalpha
srand
fclose
fprintf
strerror
iswprint
atoi
isalnum
strtok
wcsrchr
wcscoll
fputs
mbstowcs

user32

SystemParametersInfoW
GetMonitorInfoW
DrawFrameControl
GetMenuCheckMarkDimensions
TrackPopupMenu
LoadCursorA
GetShellWindow
DrawEdge
wvsprintfW
UpdateWindow
ShowOwnedPopups
ChangeMenuW
InsertMenuA
CharNextA
SetClassLongW
DestroyCursor
CopyImage
TranslateAcceleratorA
TrackPopupMenuEx
SetFocus
SendNotifyMessageW
GetMenuItemInfoW
LoadCursorW
GetClassInfoExW
CreateDialogIndirectParamW
GetMenuItemRect
GetCursorPos
RegisterWindowMessageW
OemToCharBuffA
FrameRect
IsDlgButtonChecked
LoadBitmapW
CopyRect
TabbedTextOutW
IsCharLowerA
MoveWindow
ClientToScreen
IsCharAlphaA
OffsetRect
VkKeyScanW
GetWindow
SetUserObjectInformationW
DrawIconEx
ClipCursor
CreateIconIndirect
SetWindowTextA
DeleteMenu
CloseDesktop
GetMessageA
SetMenuItemBitmaps
CharUpperA
MonitorFromRect
GetPropW
PostQuitMessage
RegisterClassW
InsertMenuItemW
DrawFocusRect
MessageBoxW
GetNextDlgTabItem
ReplyMessage
EndPaint
GetClassInfoExA
SetActiveWindow
CharUpperBuffA
ShowScrollBar
GetWindowPlacement
MonitorFromPoint
AppendMenuA
GetScrollInfo
DestroyAcceleratorTable
GetMenuItemCount
FillRect
SetSysColors
SetMenu
EnableScrollBar
EnumWindows
AttachThreadInput
GetKeyboardLayout
GetDlgCtrlID
CharToOemA
SetRectEmpty
OemToCharA
IsCharAlphaW
GetDC
GetDlgItemTextA
TranslateAcceleratorW
GetClipCursor
ShowCaret
wvsprintfA
DestroyWindow
UnloadKeyboardLayout
IsRectEmpty
GetSubMenu
EnumChildWindows
OpenIcon
SetPropW
CascadeWindows
MapDialogRect
EnumThreadWindows
IsWindowUnicode
CharUpperW
GetKeyState
CharToOemBuffA
InflateRect
DialogBoxParamA
MapWindowPoints
MessageBoxExA
SetLastErrorEx
GrayStringW
CreateAcceleratorTableW
ScrollWindow
DefWindowProcW
LookupIconIdFromDirectory
HiliteMenuItem
MapVirtualKeyW
AllowSetForegroundWindow
GetIconInfo
GetClassLongA
GetGUIThreadInfo
CallWindowProcW
LoadImageA
GetDialogBaseUnits
AppendMenuW
GetMenuStringA
SetRect

kernel32

FreeLibrary
MoveFileA
SetEvent
ReadFile
GetModuleHandleA
LocalFree
GetSystemDefaultUILanguage
GetFileAttributesW
IsBadCodePtr
GetThreadTimes
GetDateFormatA
EnumResourceNamesA
SystemTimeToFileTime
UnlockFile
RegisterWaitForSingleObject
GetSystemTimeAdjustment
GlobalHandle
CreateFileW
EnumSystemLocalesA
EnumResourceTypesA
GetLastError
CreateSemaphoreA
GetModuleFileNameW
QueryPerformanceCounter
CloseHandle
QueryDosDeviceW
SetupComm
GetTimeZoneInformation
GetPriorityClass
lstrcpyW
ClearCommBreak
GetCommModemStatus
FindNextFileW
SetCommBreak
AreFileApisANSI
IsBadWritePtr
GetFileAttributesA
SizeofResource
EnterCriticalSection
GetFileTime
OpenFile
LeaveCriticalSection
HeapAlloc
GetProcessHeap
DeleteFileW
AddAtomA
IsValidLanguageGroup
GetTempPathA
MulDiv
GetShortPathNameW
DuplicateHandle
WriteFile
HeapFree
TlsGetValue
lstrcmpiA
GetVersionExW
FindNextChangeNotification

Exports

Exports

?DialogReactivateIns@@YGK_KHE[D

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d3a4c7f5682c2059db18c2f5d5078c1

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 3KB - Virtual size: 127KB

.rsrc Size: 115KB - Virtual size: 115KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 3KB - Virtual size: 127KB

.rsrc
Size: 115KB - Virtual size: 115KB

.reloc
Size: 1KB - Virtual size: 1KB