eae50ba6370a5e97f3eaaca1f6de32ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eae50ba6370a5e97f3eaaca1f6de32ae_JaffaCakes118
Size

291KB
MD5

eae50ba6370a5e97f3eaaca1f6de32ae
SHA1

a130c1685485377e80dc3985f4499248e65af253
SHA256

b9c40a82a550cdc68b2c84a1370d966abe4fe5d7d75642b001c0f5b2c18745c8
SHA512

e366053867068bad9dfb3e0b2807538d91e608f02a36d161cd367fde194e9461ab23a112e770428007fd04a0f3870832137ea62f1e30f3fb4f896f8f604156c7
SSDEEP

3072:Pp1MVu3B/o8+4jeNYxJ+cqjCsigAKSHcRf/CkUHUTO1Cc6sBCizyyv51mVg0Ioc6:TEu3dlHecA4g9qHUT8Ryi1uJIn3q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eae50ba6370a5e97f3eaaca1f6de32ae_JaffaCakes118

Files

eae50ba6370a5e97f3eaaca1f6de32ae_JaffaCakes118
.exe windows:5 windows x86 arch:x86

15ab82471f0fbc530e689baeb948a32e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\qetgJVmWpnjAq\jgQpyTej\JdtrRxs.pdb

Imports

msvcrt

localtime
strcpy
iswspace
fgets
floor
qsort
wcscoll
wcsncmp
putchar
strncmp
fflush
isalpha
strrchr
strtol
iswalpha
_controlfp
__set_app_type
__p__fmode
sscanf
sprintf
mktime
__p__commode
ftell
_amsg_exit
iswctype
_initterm
_acmdln
wcsstr
exit
iswxdigit
strpbrk
_ismbblead
fwrite
_XcptFilter
remove
towlower
_exit
_cexit
__setusermatherr
atoi
swprintf
ungetc
vswprintf
wcscpy
wcslen
__getmainargs

kernel32

FindNextFileA
GlobalFlags
GetSystemTimeAsFileTime
SuspendThread
FileTimeToSystemTime
LocalUnlock
GetStartupInfoW
FindResourceA
lstrcmpA
CopyFileA
GetBinaryTypeA
GlobalFindAtomW
FindCloseChangeNotification
SetNamedPipeHandleState
GetThreadLocale
WinExec
FlushViewOfFile
GetTimeFormatW
SetCurrentDirectoryA
GetOverlappedResult
IsBadReadPtr
GlobalFree
SetThreadAffinityMask
GetLocalTime
FormatMessageW
lstrlenA
CreateEventW
SearchPathA
GetSystemWindowsDirectoryA
GetCurrentThreadId
ReleaseMutex
GlobalGetAtomNameA
SetSystemTime
WideCharToMultiByte
QueryPerformanceCounter
PulseEvent
GetCPInfo
GlobalAddAtomW
LocalFree
SetLastError
GetWindowsDirectoryW
ConvertDefaultLocale
HeapAlloc
GetCommState
GetThreadContext
DisconnectNamedPipe
CreateEventA
GetComputerNameExA
SetTimerQueueTimer
lstrcmpiA
HeapReAlloc

user32

CreateCursor
RegisterWindowMessageW
AllowSetForegroundWindow
wsprintfA
SendMessageTimeoutW
LoadMenuW
GetMessagePos
FrameRect
LoadBitmapA
FindWindowW
ScrollWindowEx
GetWindowLongW
DeferWindowPos
PostThreadMessageW
GetMenuState
ClientToScreen
CharPrevW
CheckMenuItem
LoadStringA
SetWindowTextW
SetScrollRange
EnableMenuItem
CheckRadioButton
DefWindowProcA
GetKeyboardLayoutList
HiliteMenuItem
SetCursor
GetTopWindow
UpdateWindow
SetForegroundWindow
CharLowerA
ModifyMenuW
GetKeyNameTextW
MessageBoxExA
AttachThreadInput
SetRect
ToUnicodeEx
ChildWindowFromPointEx
GetMessageTime
CharUpperBuffW
OemToCharBuffA
TranslateMessage
IsDialogMessageA
GetDlgItemTextA
GetClassInfoExA
GetMessageA
DestroyWindow
VkKeyScanW
DefDlgProcW
ScreenToClient
GetCursorPos
ShowWindow
ChildWindowFromPoint
GetUserObjectInformationW
LoadAcceleratorsW
GetActiveWindow
wvsprintfA
GetDC
wsprintfW
TileWindows
SetClassLongW
DispatchMessageA
EnumThreadWindows
SendDlgItemMessageW
CreateWindowExW
ArrangeIconicWindows
RegisterClassExA
SendMessageW
AppendMenuW
SetScrollInfo
LockWindowUpdate
CopyImage
TabbedTextOutW
SwapMouseButton
GetClassLongA
GetWindowRect
DrawFrameControl
SetWindowPos
ChangeMenuW
SystemParametersInfoA
RegisterClassW
EnumChildWindows
GetDlgItem
RegisterWindowMessageA
keybd_event
DrawTextW
ShowOwnedPopups
CharToOemBuffA
UnloadKeyboardLayout
LookupIconIdFromDirectory
GetLastActivePopup
WaitMessage
GetMenuStringA
GetDlgItemTextW
GetParent
GetNextDlgGroupItem
RegisterHotKey
GetForegroundWindow
SendMessageTimeoutA
PtInRect
CreateDialogIndirectParamW
RegisterClassA
RemovePropW
ClipCursor
MessageBoxA
ShowScrollBar
IsWindowEnabled
GetNextDlgTabItem
DialogBoxIndirectParamW
LoadImageW
EnableScrollBar

comdlg32

ReplaceTextW
GetSaveFileNameW
PrintDlgW
CommDlgExtendedError
PageSetupDlgW
GetSaveFileNameA

gdi32

GetCurrentObject
ExtTextOutA
GetTextMetricsW
RectInRegion
CombineRgn
GetTextExtentPoint32W
AddFontResourceW
GetStockObject
GetSystemPaletteUse
GetFontData
GetMapMode
RemoveFontResourceW
SetLayout
CreateDIBitmap
CreateEllipticRgnIndirect
SetViewportOrgEx
GetPaletteEntries
GetSystemPaletteEntries
Polyline
RestoreDC
SetBitmapBits
DeleteDC
CreateCompatibleDC
GetWindowOrgEx
GetBitmapBits
SetBkMode
SetDIBits
EndPage
ExtFloodFill
GetObjectW
GetDIBColorTable
GetClipBox
OffsetViewportOrgEx
PathToRegion
GetTextExtentPointW
GetObjectA
GetBkMode
EnumFontFamiliesExW
StretchDIBits
CreateFontIndirectA
SelectObject
StretchBlt
ExtTextOutW
SelectClipRgn
LineTo
SetTextAlign
BitBlt

Exports

Exports

?SetCommandLineA@@YGHDPAEE@Z
?HideKeyboard@@YGPADIKF@Z
?CallWindowInfoNew@@YGPAIPAGN@Z
?GetFilePathA@@YGGPAG@Z
?HideStringEx@@YGDHDPAD@Z
?HideSizeExW@@YGPAGGDPAJ@Z
?FreeModule@@YGHKPAMH@Z
?ValidateListExW@@YGJH@Z
?FreeThreadOld@@YGGEJ@Z
?PutConfigExA@@YGDD@Z
?InsertObjectOriginal@@YGNHIPAF_N@Z
?HideMutantNew@@YGPAXIID@Z
?InvalidateFolderPathEx@@YGPAFEI@Z
?KillMonitorOld@@YGHPAKF@Z
?KillFullNameEx@@YGPAHHIF@Z
?IncrementWindowExA@@YGPAJPAMD@Z
?InstallPointExW@@YGHGPADNI@Z
?DecrementMediaTypeA@@YGXPAGE_NK@Z
?KillWindowInfoExA@@YGPAXPAM_N@Z
?InvalidateListOld@@YGPAFG@Z
?ValidateModule@@YGXNPAHPAKPAF@Z
?ValidateKeyNameW@@YGDPAE@Z
?ShowOptionExW@@YGPAXPAD@Z
?CallAppNameExW@@YGF_NPADHJ@Z
?GenerateConfigOld@@YGFFJII@Z
?GlobalPointA@@YGKNGPAG@Z
?HideHeaderA@@YGPAXPAEEKPAE@Z
?LoadMonitorOld@@YGXN_NFH@Z
?RtlAppNameNew@@YGDPADDJK@Z
?FolderPath@@YG_NEPAJH@Z
?CallTimerOriginal@@YGFMFPADE@Z
?DecrementConfigExW@@YGXF@Z
?KillWidthOriginal@@YGPANPAKJ@Z
?OnSizeEx@@YGPAJD@Z
?IsNotCharExW@@YGJHPAKG@Z

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dt_i
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dt_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15ab82471f0fbc530e689baeb948a32e

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.dt_i Size: 6KB - Virtual size: 6KB

.dt_e Size: 1KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 77KB - Virtual size: 77KB

.rsrc Size: 129KB - Virtual size: 128KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 59KB

.dt_i
Size: 6KB - Virtual size: 6KB

.dt_e
Size: 1KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 129KB - Virtual size: 128KB

.reloc
Size: 2KB - Virtual size: 1KB