e13fbe2c63e0d1147d6f7657f636af02_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e13fbe2c63e0d1147d6f7657f636af02_JaffaCakes118
Size

141KB
MD5

e13fbe2c63e0d1147d6f7657f636af02
SHA1

ea00c973b8583861e858d0bd13458feaff2c1224
SHA256

029fd89580879f7bd871d8b6e9ca3346f30822eb47fde56e422c46c7cfa9848e
SHA512

5578d68242fa5079e87bb6951d6523953ca1ade4578f4d6aef1ade05c2a1676c832579047a2c1ea7cc6b0a0a1a61991dc5bf48b362e388f1d3f4f00cb915d51e
SSDEEP

3072:0WRji7yss5/SA4WqoB8n1LjylDqyij2c8NQeHp+3wzpUv/Gmsr:0OJssVd4f1ylLAXeJZ9Uv/G/r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e13fbe2c63e0d1147d6f7657f636af02_JaffaCakes118

Files

e13fbe2c63e0d1147d6f7657f636af02_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e00d6041f7c94979ba282bc48be4e709

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\saUwzTmlwEtg\skTsanvtkXr\yzxmwLMxzWgvu\tuWzfddDsjtP\NhieSmenvw.pdb

Imports

user32

CopyRect
SetScrollPos
GetLastActivePopup
GetSysColorBrush
CharPrevA
InSendMessageEx
SetPropW
AdjustWindowRectEx
GetUpdateRgn
MoveWindow
BeginPaint
LockWindowUpdate
CreateIconFromResource
GetNextDlgGroupItem
LoadImageA
DispatchMessageA
SetDlgItemTextW
EndDialog
GetMenuItemID
SetWindowTextW
SetActiveWindow
IsDlgButtonChecked
IsCharLowerA
CharUpperBuffA
DefWindowProcW
MapWindowPoints
CascadeWindows
ChildWindowFromPointEx
TrackPopupMenuEx
PostThreadMessageA
IsCharUpperA
LoadIconA
SetWindowLongA
GetMenuItemInfoW
IntersectRect
GetClassNameW
FindWindowExW
GetSystemMenu
SetDlgItemTextA
GetMonitorInfoW
GetMenuStringA
LoadMenuA
GetForegroundWindow
LoadBitmapW
CheckRadioButton
GetUserObjectInformationA
GetUpdateRect
LoadCursorA
OffsetRect
CharUpperW
DialogBoxParamW
CreateDialogParamW
WaitForInputIdle
LoadCursorW
CreateWindowExW
ClipCursor
InSendMessage
GetFocus
CharLowerA
SetMenuItemBitmaps
OpenInputDesktop
LoadAcceleratorsW
UnionRect
EnableWindow
CharToOemW
AdjustWindowRect
TileWindows
PeekMessageA
mouse_event
DefFrameProcA
InternalGetWindowText
GetMenuState
SystemParametersInfoA
GetScrollRange
GetTopWindow
GetCursorPos
MonitorFromPoint
CheckMenuRadioItem
GetWindowLongA
SetCursor
CloseDesktop
SetCursorPos
SetScrollInfo
OemToCharA
GetParent
keybd_event
SetDlgItemInt
DialogBoxIndirectParamA
IsDialogMessageW
CreateMenu
RegisterClassA
CharLowerBuffW
DeleteMenu
GetShellWindow
MonitorFromRect
RegisterClassW
CreateWindowExA
GetKeyState
GetDialogBaseUnits
IsCharAlphaW
CreateDialogIndirectParamW
CharNextA
SetTimer
wsprintfA
TranslateAcceleratorW
GetWindowPlacement
ShowWindowAsync
GetClassLongA
WindowFromPoint
DefWindowProcA
InsertMenuA
SetCaretPos
SetScrollRange
LoadStringW
DestroyIcon
AppendMenuW
GetSysColor

kernel32

FindClose
GetSystemDirectoryA
GetDateFormatW
PulseEvent
GetComputerNameExW
LoadLibraryExW
GlobalAddAtomA
DisconnectNamedPipe
FoldStringW
CompareStringW
GetCommTimeouts
GetSystemTimeAsFileTime
OpenFile
HeapAlloc
GetACP
RemoveDirectoryW
TransactNamedPipe
GetFullPathNameA
SearchPathW
GetModuleFileNameW
CopyFileA
FindResourceW
FindNextFileA
CreateRemoteThread
WriteFile
GetSystemDefaultUILanguage
LockResource
SetThreadExecutionState
GetSystemTimeAdjustment
GetCurrentThreadId
GlobalGetAtomNameW
GlobalSize
EnumResourceLanguagesA
GetModuleHandleA
ResumeThread
GetOEMCP
ConvertDefaultLocale
UnmapViewOfFile
VerSetConditionMask
lstrcpynA
InitializeCriticalSection
CreateFileMappingW
GetThreadTimes
CreateDirectoryA
FindFirstFileA
SetMailslotInfo
GetStringTypeExW
LCMapStringW
IsValidLocale
GetStdHandle
ResetEvent
WaitForMultipleObjects
RegisterWaitForSingleObject
GetAtomNameW
GetCommandLineA
GetThreadLocale
LoadLibraryA

shlwapi

StrChrIA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
calloc
wcsrchr
strncmp
ftell
isalnum
remove
ungetc
strchr
_initterm
wcstol
puts
fgets
setlocale
iswxdigit
fputc
qsort
wcscat
_acmdln
fread
printf
strtok
getc
mktime
exit
_ismbblead
strrchr
strtol
_XcptFilter
wcsstr
strncpy
swprintf
iswspace
_exit
_cexit
islower
bsearch
wcscpy
__setusermatherr
fclose
fprintf
wcslen
isspace
__getmainargs

comctl32

ImageList_GetIconSize
ImageList_AddMasked
CreatePropertySheetPageW
PropertySheetW
ImageList_Create
ImageList_LoadImageW

gdi32

GetTextCharsetInfo
GetTextColor
CreateSolidBrush
GetBkMode
CreateBitmapIndirect
GetPixel
AddFontResourceW
SetViewportOrgEx
EnumFontsW
StretchBlt
GetLayout
BitBlt
WidenPath
ExtTextOutA
EndPath
CreateDiscardableBitmap
SetBitmapBits
GetPaletteEntries
RestoreDC
CreateFontIndirectW
CreateCompatibleBitmap
Escape
StartPage
CreateHatchBrush
SetBitmapDimensionEx
Rectangle
CreateDCW
EndDoc
GetClipBox
GetTextExtentPointA
GetTextExtentPoint32A
GetDIBits
EnumFontFamiliesExW
TextOutW
EndPage
LPtoDP
GetTextFaceW
GetBitmapBits
CreatePen
SetDIBits
RoundRect
EnumFontFamiliesW
MoveToEx
CreateFontA
GetTextExtentPoint32W
GetTextMetricsW
CreateDIBitmap
CreateHalftonePalette
GetMapMode
SetTextAlign

Exports

Exports

?ModifyObjectExW%%DFPAXENN~U
?LoadSystemW%%DFKPAIPAHFPA_N~U
?FindCharOriginal%%DFPA_NPAKDGN~U
?InstallProjectOriginal%%DFFNPAH~U
?IsMemory%%DFHGE~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?InsertScreenExW%%DFPA_NIPAN~U
?InvalidateHeader%%DFPAHPAMPAD~U
?RtlAnchor%%DFPAHPAH~U
?OnWidthA%%DFXPAJEPAHH~U
?CallPointerOriginal%%DF_NPAKPAJPAID~U
?InvalidatePathNew%%DFPAF_NEPAJ~U
?KillProjectOld%%DFEHEM~U
?LoadMemory%%DFKPAIPAHIF~U
?LoadClassOld%%DFPAXPAJPAH~U
?CancelDeviceW%%DFHPAG~U
?AddFullNameA%%DFHD~U
?CrtSectionNew%%DFXH~U
?Pointer%%DFIFG~U
?IsDeviceExW%%DFDI_N~U
?PutWidthExA%%DFNPAGG_N~U
?InvalidateStringOriginal%%DFGPAMPAMF~U
?FormatTimer%%DFPAHPAF~U
?PutDateExA%%DFPAMD_N~U
?CancelDateTimeOld%%DFGPAGDI~U
?FormatFunctionExW%%DFKPAIJPAHF~U
?SetAnchorEx%%DFNH~U
?CancelThreadOld%%DFPAXM~U
?ObjectExA%%DFPAXPAGPAGPAJD~U
?KillPointExA%%DFKPAI~U
?KillFolder%%DFXPAGJJ_N~U
?OnFilePathExA%%DFXEEFH~U
?LoadSemaphoreOriginal%%DFMPAEPAI~U
?GenerateFolderExA%%DFFGDMJ~U
?InstallThread%%DFKK~U
?GetFolderPathOriginal%%DF_NJD~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e00d6041f7c94979ba282bc48be4e709

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

shlwapi

msvcrt

comctl32

gdi32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.ticx Size: 7KB - Virtual size: 7KB

.zdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 106KB

.rsrc Size: 103KB - Virtual size: 103KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.ticx
Size: 7KB - Virtual size: 7KB

.zdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 106KB

.rsrc
Size: 103KB - Virtual size: 103KB

.reloc
Size: 2KB - Virtual size: 1KB