df96ba696553268ea03f8bfa555047a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

df96ba696553268ea03f8bfa555047a4_JaffaCakes118
Size

199KB
MD5

df96ba696553268ea03f8bfa555047a4
SHA1

ea937edc811b75a2949eb609d95bc53b031e63ed
SHA256

cf813a86d30ddd0c2ca59f73334fffd241bfd31eddfe30dc2e73d5b29ae752d1
SHA512

3ee228da9dcb7907c939ecebf417247b5b65dce22e92b642796de66f5fc8b7bc84bf658ffae0dab70f5f1cdbbc20df54ce89248a2d70e4dac54862b9a5ed8df3
SSDEEP

3072:MrzshwevuWUEmMHh6Telg2Js4MoMIj2PHIWfkupIxCjmFaD8w:0zshweWbTPKS2Js4M1hwWMxQjm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df96ba696553268ea03f8bfa555047a4_JaffaCakes118

Files

df96ba696553268ea03f8bfa555047a4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b294ebc0d1428227d21c9d57604ad626

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\rqiqAkRlCYbkb\ugfsaVsrv\yGEiuidspdS.pdb

Imports

msvcrt

_controlfp
strpbrk
__set_app_type
__p__fmode
wcstod
ftell
__p__commode
_amsg_exit
strtok
isprint
_initterm
_acmdln
towlower
wcstok
wcstol
exit
_ismbblead
_XcptFilter
_exit
vswprintf
_cexit
__setusermatherr
isupper
__getmainargs
strerror
strspn
fprintf

kernel32

TlsSetValue
GetStdHandle
DeleteFileW
SetErrorMode
GetTempFileNameA
GetThreadContext
GetFileSize
GetVersion
GetCommState
EscapeCommFunction
GetLongPathNameW
GetBinaryTypeW
DeviceIoControl
FormatMessageA
GetUserDefaultLCID
LoadLibraryW
ReleaseMutex
GetFileInformationByHandle
DeleteAtom
FileTimeToLocalFileTime
GetModuleHandleA
IsBadStringPtrW

user32

GetDC
GetDoubleClickTime
WindowFromPoint
RemoveMenu
CopyImage
AllowSetForegroundWindow
GetWindowPlacement
DrawEdge
BeginDeferWindowPos
LoadIconA
CloseDesktop
DialogBoxParamW
CreateWindowExA
SetRectEmpty
CharNextExA
IsZoomed
DestroyAcceleratorTable
SetLastErrorEx
ChangeMenuW
IsCharAlphaNumericW
SetDlgItemTextA
PostMessageW
GetWindowLongW
DrawFocusRect
EndDialog
CreateIconIndirect
DrawStateW
DestroyCursor
SendMessageW
GetWindowTextW
IsCharUpperA
CheckMenuItem
GetMessageTime
GetDlgCtrlID
GetDlgItemInt
IsIconic
GetMenuStringW
GetClientRect
LoadCursorA
IsCharAlphaNumericA
DefFrameProcW
LoadBitmapA
FindWindowA
GetScrollPos
MapVirtualKeyA
DestroyIcon

shlwapi

StrCatBuffW

gdi32

GetObjectW
AddFontResourceW
SetBkColor
CreateRectRgn
CreateHalftonePalette
CreateFontIndirectA
StartPage
UnrealizeObject
SetDIBColorTable
GetBkMode
CreateDCW
GetTextExtentPoint32A
GetCurrentObject
GetTextMetricsA
GetWindowOrgEx
GetClipBox
CreatePolygonRgn
PathToRegion
CreateBrushIndirect

Exports

Exports

?SetProfileOriginal@@YGPAJD~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?IncrementAnchorOld@@YGXPAIMF~U
?IsNotEventEx@@YGPAFII~U
?GlobalCharEx@@YGXEFF~U

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kip
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticy
Size: 512B - Virtual size: 411B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heap
Size: - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b294ebc0d1428227d21c9d57604ad626

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.ticx Size: 2KB - Virtual size: 2KB

.kip Size: 512B - Virtual size: 512B

.ticy Size: 512B - Virtual size: 411B

.zdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.heap Size: - Virtual size: 188KB

.rsrc Size: 169KB - Virtual size: 168KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.ticx
Size: 2KB - Virtual size: 2KB

.kip
Size: 512B - Virtual size: 512B

.ticy
Size: 512B - Virtual size: 411B

.zdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.heap
Size: - Virtual size: 188KB

.rsrc
Size: 169KB - Virtual size: 168KB

.reloc
Size: 1KB - Virtual size: 1KB