ded572d9cf87f815dd9286c7d2ae72ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ded572d9cf87f815dd9286c7d2ae72ae_JaffaCakes118
Size

215KB
MD5

ded572d9cf87f815dd9286c7d2ae72ae
SHA1

469f76ca368f2285332f3e80c5f84836615ecf57
SHA256

b87e9023290c8b4c6362cfc6fb5c453553252a1e36abd5f7a7ff23dc3bcf6c48
SHA512

6f8e553e2bf4cf38609cad2066031abd23eac541d4dce44b84bde27e2a51721588e57c67541a240d4cbc5c4e80088837950e5adfcd82741b7e9ae9df455d2e91
SSDEEP

3072:ESN+wyendI0VDOn8B/1HqosMwVvxPau7+zm4svyPdQeHp5h+vnPJzwpyucS:Nc6RCW1HqomvYuOm4sqlQ1vnR0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ded572d9cf87f815dd9286c7d2ae72ae_JaffaCakes118

Files

ded572d9cf87f815dd9286c7d2ae72ae_JaffaCakes118
.exe windows:5 windows x86 arch:x86

14d790280d14dae338420768c52a325a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\GxqRXPdzbQ\lnrsnBh\TwppspD\npvhdmsgx.pdb

Imports

shlwapi

PathStripPathW

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgW
FindTextW
PageSetupDlgW

gdi32

GetDeviceCaps
CreatePalette
Polygon
CreateDiscardableBitmap
PatBlt
PathToRegion
OffsetRgn
SetLayout
GetTextExtentPoint32A
SetROP2
ExcludeClipRect
StartDocW
CreateFontIndirectW
SetBrushOrgEx
TranslateCharsetInfo
SetBkMode
EnumFontsW
BeginPath
SaveDC
GetNearestColor
SetDIBitsToDevice
GetCurrentObject
CreateRectRgn
CreatePolygonRgn
CreatePenIndirect
Ellipse
DeleteDC
GetTextMetricsW
ExtFloodFill
MoveToEx
CreateHalftonePalette
BitBlt
GetViewportOrgEx
CreateHatchBrush
RectVisible
EndPath
CreateFontA

user32

BeginPaint
OffsetRect
CharToOemBuffA
CreateWindowExA
LookupIconIdFromDirectory
SetCursorPos
MessageBoxA
wsprintfA
GetSystemMetrics
EndPaint
ClipCursor
LoadStringW
RegisterWindowMessageA
TrackPopupMenuEx
AttachThreadInput
DrawFrameControl
DispatchMessageA
IsCharUpperA
DrawStateA
SetScrollPos
DrawIcon
SetClassLongW
CheckDlgButton
CreateIconIndirect
PostMessageA
GetPropW
GetUserObjectInformationW
WaitForInputIdle
AppendMenuW
GetDesktopWindow
GrayStringW
UnloadKeyboardLayout
PeekMessageA
IsDlgButtonChecked
OpenDesktopW
GetClipCursor
GetWindowTextA
RegisterClassExA
GetNextDlgTabItem
GetActiveWindow
CreateMenu
OpenIcon
DrawTextExW
DialogBoxParamW
CreateWindowExW
AppendMenuA
GetWindowLongA
LoadCursorA
LoadAcceleratorsA
SetWindowPlacement
SetUserObjectInformationW
GetCursorPos
DialogBoxIndirectParamA
InSendMessageEx
GetClassInfoExW
MapDialogRect
CreateCaret
SetCursor
CharUpperA
IsWindowUnicode
GetSubMenu
IsZoomed
HideCaret
RemovePropW
BringWindowToTop
InSendMessage
ScrollWindow
SetDlgItemInt
CharPrevW
CharNextA
SendDlgItemMessageA
wvsprintfW
DefWindowProcW
SetWindowLongW
DeleteMenu
DispatchMessageW
InsertMenuItemW
mouse_event
IsCharLowerA
OemToCharBuffA
ArrangeIconicWindows
GetWindowDC
DialogBoxIndirectParamW
IsWindowVisible
EndTask
GetWindowTextW
DefFrameProcA
DialogBoxParamA
GetKeyState
CharNextExA

msvcrt

_controlfp
__set_app_type
strtol
towlower
__p__fmode
__p__commode
isupper
_amsg_exit
gmtime
_initterm
_acmdln
fprintf
strcpy
strstr
exit
_ismbblead
mktime
isspace
rand
iswalpha
_XcptFilter
printf
_exit
putchar
strncmp
sscanf
_cexit
atol
wcstoul
islower
calloc
time
__setusermatherr
wcsncmp
iswctype
__getmainargs
wcschr
strcoll
floor

kernel32

ReleaseSemaphore
SetThreadExecutionState
LockResource
GetShortPathNameA
LoadLibraryExA
FindFirstChangeNotificationW
FlushFileBuffers
lstrlenW
CreateFileA
FindNextFileW
SuspendThread
GetCurrentThread
SetEvent
GlobalCompact
AddAtomA
GetTickCount
lstrcpynA
GetComputerNameW
GetTempPathW
CreateFileMappingA
lstrcmpiW
SetTimerQueueTimer
VerifyVersionInfoW
lstrcpyA
GetSystemDirectoryW
CreatePipe
GetCurrentDirectoryW
GetUserDefaultLangID
BuildCommDCBAndTimeoutsW
DeleteFileA
GetACP
IsBadReadPtr
LCMapStringA
lstrcmpW
UnmapViewOfFile
SizeofResource
HeapWalk
ExitThread
FindResourceExW
FindResourceExA
SetCurrentDirectoryA

Exports

Exports

?SleepAhHJDud@@YGKEPA_WG@Z
?SleepUDSUDlkdlsds@@YGKEPA_WG@Z
?SleepUDudjkUD@@YGKEPA_WG@Z
?SleepYDyjDuUI@@YGKEPA_WG@Z

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 211B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14d790280d14dae338420768c52a325a

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comdlg32

gdi32

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 89KB

.edata Size: 512B - Virtual size: 211B

.data Size: 19KB - Virtual size: 19KB

.rdata Size: 1024B - Virtual size: 48KB

.rsrc Size: 101KB - Virtual size: 100KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 90KB - Virtual size: 89KB

.edata
Size: 512B - Virtual size: 211B

.data
Size: 19KB - Virtual size: 19KB

.rdata
Size: 1024B - Virtual size: 48KB

.rsrc
Size: 101KB - Virtual size: 100KB

.reloc
Size: 2KB - Virtual size: 1KB