e05c348d7e24b5a3bc7fdf3de9f92c7d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e05c348d7e24b5a3bc7fdf3de9f92c7d_JaffaCakes118
Size

146KB
MD5

e05c348d7e24b5a3bc7fdf3de9f92c7d
SHA1

bc1c92a8cb4b51654ee1a4503053bf3259f54ff0
SHA256

0dc8f64ab29aa44ca43c6c1036db01aa5ab63d271cb911d7bbe89491ea00dc21
SHA512

2b550153e5d973798096b29126930144e5be301293a6b53d3f448c98f360d342c5d1c7e4e9172708a6e33c3f89ac6ca22ed8c6df850351bfc6dbd8fa52ce4a0a
SSDEEP

3072:4p3MnQg6UFQOvqUK4YHSCy1sXMVFIoNhMwEYHtpJGg6/49s8L2OVvcu75:4ZRg6aJvqBW/I6M47cgWYLhvcq5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Klanteninfo.Pdf______________________________________________________________.exe

Files

e05c348d7e24b5a3bc7fdf3de9f92c7d_JaffaCakes118
.zip
Klanteninfo.Pdf______________________________________________________________.exe
.exe windows:5 windows x86 arch:x86

83f012a65ca1232c48f2fefa8e1d6b7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\wmhDzcuEwyMCU\WfENtororcsxmi\YwyjpaktNqsv.pdb

Imports

msvcrt

_controlfp
__set_app_type
strcspn
fgetc
exit
fclose
srand
strtol
memset
wcstoul
fputc
strchr
sscanf
fseek
wcsstr
tolower
isxdigit
sprintf
__p__fmode
wcsrchr
__p__commode
strcoll
strncpy
_amsg_exit
bsearch
mbtowc
isupper
_initterm
wcschr
wcspbrk
mbstowcs
iswspace
free
towlower
vswprintf
_ismbblead
_XcptFilter
_exit
qsort
malloc
_cexit
__setusermatherr
fread
clock
floor
iswalpha
__getmainargs
towupper

shlwapi

PathIsUNCA

user32

SetSysColors
GetDC
GetMessageExtraInfo
DispatchMessageW
GetWindowTextLengthW
IsIconic
OpenIcon
GetWindowPlacement
DialogBoxIndirectParamA
ClientToScreen
CharToOemBuffA
PostMessageA
ReplyMessage
DefFrameProcA
RegisterWindowMessageA
FrameRect
GetActiveWindow
CharLowerBuffW
SendDlgItemMessageW
TranslateAcceleratorW
IsZoomed
WindowFromPoint
CharToOemA
GetClassLongA
LoadMenuA
GetKeyboardLayoutNameW
InvertRect
DrawFrameControl
GetUpdateRect
SetDlgItemTextW
CheckRadioButton
GetCaretPos
InsertMenuW
InvalidateRgn
CharToOemW
IsCharLowerA
DefDlgProcW
GetMenuItemRect
CallWindowProcW
GetForegroundWindow
SetMenuItemInfoW
VkKeyScanW
UpdateWindow
ShowWindowAsync
GetFocus
GetMessageTime
GetWindowLongA
SetRectEmpty
DrawIconEx
EnableMenuItem
GetScrollRange
TileWindows
GetSystemMenu
LoadBitmapA
OpenInputDesktop
OpenDesktopW
EnumThreadWindows
GetSysColorBrush
SetLastErrorEx
IsWindowEnabled
InvalidateRect
CreateAcceleratorTableW
MapVirtualKeyExW
SetClassLongW
RegisterWindowMessageW
TranslateAcceleratorA
DestroyAcceleratorTable
LoadMenuW
SetPropW
GetDlgItem
GetUserObjectInformationW
ShowOwnedPopups
TrackPopupMenuEx
DialogBoxIndirectParamW
FillRect
KillTimer
GetClassInfoW
CharUpperBuffA
GetMenuItemCount
SetCursorPos
SetCaretPos
GetClassLongW
GetKeyNameTextW
AdjustWindowRectEx
MessageBoxW
ArrangeIconicWindows
SystemParametersInfoA
MessageBoxExW
IsMenu
GetKeyboardLayout
CloseDesktop
ShowCaret
GetMenuState
GetKeyboardLayoutList
SetScrollInfo
GetWindowRect
IsChild
CreateWindowExW
CharNextExA
ChildWindowFromPointEx
CreateDialogIndirectParamW
DefWindowProcA
DrawIcon
SetParent
EnumWindows
GetKeyState
DestroyIcon
DefDlgProcA
GetNextDlgGroupItem
DrawStateW
MapWindowPoints
InSendMessageEx
SetMenu
DestroyMenu
keybd_event
CreateDialogParamW
SetFocus
MapVirtualKeyA
ShowWindow
SendDlgItemMessageA
mouse_event

kernel32

GetUserDefaultUILanguage
GlobalCompact
GetTickCount
SetFileAttributesW
CreateFileW
WaitForMultipleObjects
FoldStringW
VirtualProtect
HeapWalk
GetSystemDefaultUILanguage
FindNextFileA
VirtualQuery
GetSystemWindowsDirectoryA
RegisterWaitForSingleObject
GetThreadPriority
ResetEvent
GlobalUnlock
RaiseException
GetDateFormatW
GetModuleHandleA
InitializeCriticalSection
GetSystemDirectoryA
lstrlenA
LocalUnlock
GetFileAttributesA
ClearCommError
CreateRemoteThread
GetCompressedFileSizeW
FindNextFileW
lstrcpyA
ReadFile
UnmapViewOfFile
DeleteFileW
GetExitCodeThread
VirtualFree
ResumeThread
FindCloseChangeNotification
SetThreadLocale
WaitForMultipleObjectsEx
LocalFree
QueryPerformanceCounter
IsDBCSLeadByte
VirtualAlloc
ConvertDefaultLocale
DuplicateHandle
FormatMessageW
SetSystemTimeAdjustment
CreateDirectoryA
DeleteFileA
SetFileAttributesA
GetFileInformationByHandle
GetComputerNameW
lstrcpyW
SetCommTimeouts
CreateFileA

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83f012a65ca1232c48f2fefa8e1d6b7c

Headers

File Characteristics

PDB Paths

Imports

msvcrt

shlwapi

user32

kernel32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 512B - Virtual size: 184KB

.ips3 Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 41KB - Virtual size: 41KB

.rsrc Size: 96KB - Virtual size: 95KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 512B - Virtual size: 184KB

.ips3
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 96KB - Virtual size: 95KB

.reloc
Size: 2KB - Virtual size: 1KB