e27560ad6f1b2c730bbddc32e5bf905e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e27560ad6f1b2c730bbddc32e5bf905e_JaffaCakes118
Size

216KB
MD5

e27560ad6f1b2c730bbddc32e5bf905e
SHA1

b3fa9853a62864bee67b648a65bcc1c9d29fcffe
SHA256

1b8e5193d30f3526fceab144c68ccf1b74d484dbeadcf90d38c1706360204336
SHA512

2902a01b2868adc707046db2e3242d60f060435ccee6be019250d04dbe9288be39489b1046ee65ffef80bf5e4aced727c468291f652a7834f9d53eabf2818564
SSDEEP

3072:ezvpsNB7c0hSeDJ25bSX2MfV3L4QsQAIUVffJ+ZQiHGqqU5jR+Rlo+:e7pWIWLJ25NQJDi9tMZQix51T+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e27560ad6f1b2c730bbddc32e5bf905e_JaffaCakes118

Files

e27560ad6f1b2c730bbddc32e5bf905e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1e588f60d59a02bdcb3919fb7acf6a6a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\szcgShqhJnAsy\vnvwRqFj\udYsnZhtdsnjo\gocnmBjde.pdb

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
setvbuf
printf
clock
_amsg_exit
atoi
_initterm
_acmdln
calloc
ungetc
exit
fclose
strncmp
strcspn
fwrite
malloc
strcpy
_ismbblead
iswdigit
_XcptFilter
strcoll
remove
vswprintf
iswspace
sscanf
_exit
_cexit
iswalpha
free
putc
isalpha
__setusermatherr
wcstombs
floor
__getmainargs
wcscspn

comctl32

ImageList_Read
ImageList_GetIcon
ImageList_Destroy
ImageList_AddMasked
CreatePropertySheetPageA

user32

InvertRect
GetMessageExtraInfo
CheckMenuItem
MoveWindow
GetPropW
KillTimer
EnumWindows
GetClassLongA
SetDlgItemTextW
OemToCharA
EnableWindow
GetWindow
GetMenuStringA
GetSystemMetrics
MessageBoxW
IsCharUpperA
LoadAcceleratorsA
GetSysColor
ToUnicodeEx
DialogBoxIndirectParamA
DrawMenuBar
IsRectEmpty
SetWindowPos
SetLastErrorEx
GetDlgItem
DrawIcon
ShowOwnedPopups
HideCaret
GetClipCursor
FindWindowExW
GetKeyboardLayoutList
GetScrollRange
DrawTextA
SetParent
IsWindow
CharUpperW
CheckDlgButton
ShowCursor
FindWindowA
ChildWindowFromPoint
SetMenuItemBitmaps
ShowWindow
GetMenuCheckMarkDimensions
SendNotifyMessageW
SendMessageW
AdjustWindowRectEx
SetForegroundWindow
GetMessageW
DrawStateA
SetScrollPos
IsDialogMessageA
DialogBoxParamA
wsprintfA
GetClassNameW
CharLowerW
LoadCursorW
IsMenu
GetDesktopWindow
ClipCursor
GetNextDlgTabItem
IsDlgButtonChecked
GetDialogBaseUnits
CharPrevA
ChildWindowFromPointEx
GetNextDlgGroupItem
GetWindowTextW
IsDialogMessageW
AppendMenuW
SetMenuItemInfoW
GetClassInfoExW
SetWindowRgn
SetWindowLongA
PostMessageA
EqualRect
SetClassLongW
DeleteMenu
GetWindowTextA
GetScrollPos
AdjustWindowRect
SendMessageA
InvalidateRect
DestroyIcon
DrawIconEx
SetWindowPlacement
CharToOemBuffA
RegisterClassExA
SystemParametersInfoA

gdi32

SetBitmapBits
WidenPath
GetTextMetricsW
CreateFontA
SetBkMode
GetSystemPaletteUse
SetPixel
GetObjectA
SetTextAlign
SetMapMode
GetTextExtentPoint32A
GetObjectW
CreateCompatibleBitmap
BeginPath
OffsetRgn
EnumFontsW
CreateRectRgnIndirect
CreateHatchBrush
Ellipse
PatBlt
CreateHalftonePalette
Escape
CreateDIBSection
CreatePalette
CreateSolidBrush
GetFontData
OffsetViewportOrgEx
GetTextAlign
GetCurrentObject
SaveDC
Polygon
SelectObject
StretchBlt
PtInRegion
CreateFontW

kernel32

VirtualFree
GetLastError
GetStartupInfoA
FindNextFileA
GetFileAttributesExA
PulseEvent
MoveFileW
FileTimeToLocalFileTime
lstrcatW
ExitThread
SetSystemTimeAdjustment
LoadLibraryExA
DeleteAtom
MoveFileExA
SetupComm
GlobalAddAtomA
GetCurrentDirectoryW
lstrcmpA
FreeResource
GetCurrentThreadId
AddAtomW
FormatMessageW
Sleep
EnumResourceLanguagesA
GetShortPathNameA
SizeofResource
GetTickCount
GetThreadTimes
SetEvent
HeapUnlock
SetThreadExecutionState
SuspendThread
GetSystemDefaultLangID
IsValidLanguageGroup
CreateFileW
GetTempPathA
BuildCommDCBAndTimeoutsW
ReadFile
SetHandleInformation
GetSystemDefaultUILanguage
GetVersion

Exports

Exports

?IncrementTextOriginal@@YGMMPAJIPAE&U
?FreeCommandLineEx@@YGMKKPAK&U
?AddOptionExW@@YGXI&U
?IsNotMutexOld@@YGPAFPAHPAF&U
?ShowMutantW@@YGPAID&U
?CopyPointOriginal@@YGDPA_NJK&U
?GeneratePenOld@@YGPAIPAEPAHIK&U
?GlobalListEx@@YGKD&U
?RtlSystemExW@@YGGD&U
?IsValidDirectoryExW@@YGFPA_NEJJ&U
?ModifyKeyNameEx@@YG_NEJ&U
?GeneratePointNew@@YGHKHPAF&U
?HideModuleExA@@YG_ND&U
?RtlNameExA@@YGJJDPAG&U
?InvalidatePathNew@@YGJDEJH&U
?CallWindowInfoOld@@YGNPAMH&U
?OnScreenOld@@YGHD&U
?HideProcess@@YGPAIKK&U
?DecrementAppNameW@@YGPAX_NPAD&U
?FormatEventOriginal@@YGPAMF&U
?InvalidateVersionW@@YGKPAKGFPAE&U
?CallWindowInfo@@YGPAFMJI&U
?PutAppNameOld@@YGPAXPAHPADID&U
?IsProcessExA@@YGPAFDNI&U
?FormatObjectNew@@YGPADGPAKM_N&U
?PutDialogNew@@YGEMPAK&U
?GetFunctionOld@@YGEMPAM&U
?SetMutexOriginal@@YGKPAE&U
?SetComponentOriginal@@YGHGPAN&U
?DecrementPoint@@YGPAXPA_NDD&U
?IsNotWindowInfoNew@@YG_NNI&U
?CopyCharA@@YGPAM_N&U
?CancelMediaTypeOld@@YGJD&U
?AddDataW@@YGFIPAKDD&U
?LoadFilePathOriginal@@YGFIEIM&U

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e588f60d59a02bdcb3919fb7acf6a6a

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 75KB

.imdat Size: 1024B - Virtual size: 848B

.edata Size: 1KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.rdata Size: 1024B - Virtual size: 62KB

.rsrc Size: 116KB - Virtual size: 116KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 75KB - Virtual size: 75KB

.imdat
Size: 1024B - Virtual size: 848B

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB

.rdata
Size: 1024B - Virtual size: 62KB

.rsrc
Size: 116KB - Virtual size: 116KB

.reloc
Size: 2KB - Virtual size: 1KB