f070d2fead139e3abbe9eb0b3ea1ab1c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f070d2fead139e3abbe9eb0b3ea1ab1c_JaffaCakes118
Size

142KB
MD5

f070d2fead139e3abbe9eb0b3ea1ab1c
SHA1

567ad7b24609b285a41ee4411f8bb62b83daafe6
SHA256

7b70c069002493e592a48165f1cfaa5c76ed2a4ace007c72372bde18e7aa49d2
SHA512

63459b6659c642a2727e2010cc38661669ae9f5b55f810e0cd7ce8a594001a82d8b6dd06b0168d8e3a057bac835a16077722577e5fb899c34762d201227b4ad7
SSDEEP

3072:sKzBaq2RMMBOevuiHS+SPRpDiiNg/9To5vtDHsOs0dwgr9+B:Zoq2mqOevuiy1pcigVkhHsR0OgR+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f070d2fead139e3abbe9eb0b3ea1ab1c_JaffaCakes118

Files

f070d2fead139e3abbe9eb0b3ea1ab1c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45b22bd5bb441802a39b0307b37f6fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\pdazVtdbJU\TgdxdppgJ\lhmltqkrdczlI.pdb

Imports

msvcrt

_controlfp
wcscspn
isspace
__set_app_type
setlocale
wcsstr
__p__fmode
strtol
__p__commode
fputs
swscanf
_amsg_exit
iswprint
localtime
_initterm
strrchr
fgets
memset
fclose
wcstol
fseek
_ismbblead
vsprintf
ungetc
wcstok
sscanf
tolower
isalpha
malloc
strcoll
wcscmp
_XcptFilter
rand
printf
isdigit
gets
_exit
free
remove
wcsncmp
wcscat
_cexit
getc
bsearch
fputc
__setusermatherr
realloc
__getmainargs

shlwapi

StrToIntW

user32

CharPrevW
SetWindowPos
GetFocus
DialogBoxIndirectParamW
OffsetRect
RegisterWindowMessageW
CreateWindowExA
SendMessageTimeoutA
keybd_event
GetMessageExtraInfo
SendMessageW
DialogBoxIndirectParamA
LoadIconW
PostThreadMessageA
SetCaretPos
LoadCursorW
DestroyIcon
GetPropW
InSendMessageEx
IsZoomed
OpenInputDesktop
GetMenuStringW
DrawStateA
DrawIconEx
DefWindowProcW
ToUnicodeEx
GetCursorPos
InvalidateRgn
GetUserObjectInformationW
AdjustWindowRectEx
GetMenuCheckMarkDimensions
DrawFrameControl
AdjustWindowRect
GetCaretBlinkTime
DefDlgProcA
LoadImageW
GetIconInfo
EnumThreadWindows
DefWindowProcA
MapDialogRect
CharLowerW
OpenDesktopW
OemToCharBuffA
PostMessageW
CreateMenu
BeginDeferWindowPos
GetGUIThreadInfo
IsDialogMessageA
ShowCaret
FindWindowExW
CharToOemBuffA
ShowWindow
RemovePropW
DestroyWindow
GetActiveWindow
SetActiveWindow
EqualRect
GetMessageTime
GetMessageA
CreateWindowExW
SetCursor
GetShellWindow
SetDlgItemInt
GetWindowModuleFileNameW
GetMonitorInfoW
DrawStateW
SetCursorPos
RegisterWindowMessageA
SetPropW
DrawEdge
GetNextDlgGroupItem
DrawIcon
DefFrameProcW
GetWindowRect
GetWindowDC
ChangeMenuW
DrawTextExW
CreatePopupMenu
MapVirtualKeyExW
GetWindowPlacement
GetScrollRange
DrawMenuBar
CharLowerBuffW
GetMessagePos
SetRect
LoadAcceleratorsW
InsertMenuItemW
GetWindowTextA
IsWindowEnabled
AllowSetForegroundWindow
SetDlgItemTextA
DrawFocusRect
SetWindowPlacement
RedrawWindow
RegisterClassExA
GetDC
FindWindowW
GetDlgItemTextA
SetWindowLongW
SendDlgItemMessageW
wvsprintfA
EnumWindows
IsCharAlphaNumericW
GetDCEx
UnloadKeyboardLayout
CharPrevA
WindowFromPoint
GetClassLongW
CloseDesktop
EnableWindow
RemoveMenu
TileWindows
RegisterHotKey
SendInput
LoadAcceleratorsA
LoadStringW
PostQuitMessage
MapVirtualKeyW
ModifyMenuW
ClipCursor
ClientToScreen
GetClassInfoExW
LoadBitmapW
MessageBoxW
IsWindowVisible
CharUpperBuffA

kernel32

CreateEventA
FindResourceW
lstrcpyA
GetCommState
SetCommMask
WriteFile
FindResourceExW
AddAtomW
HeapFree
CreateThread
SetCommBreak
HeapAlloc
LoadLibraryA
GetSystemTimeAsFileTime
EnumResourceTypesA
GetCurrentThreadId
DeleteFileA
VirtualProtect
DisconnectNamedPipe
SetFileAttributesW
SetLocalTime
GlobalAddAtomA
GetLocaleInfoA
HeapWalk
HeapValidate
lstrcatW
GlobalReAlloc
GetOEMCP
VirtualQuery
GetLongPathNameW
DefineDosDeviceW
GetSystemDirectoryW
GetLastError
GetFileAttributesW
GetThreadLocale
FindCloseChangeNotification
DeleteFileW
FreeResource
GetStdHandle
SetFilePointer
LocalFree
GetProcessHeap
GlobalAlloc
CreateSemaphoreW
GetVersion
GetModuleFileNameA
GetSystemDirectoryA
GetStartupInfoW
GlobalAddAtomW
GetCompressedFileSizeW
ClearCommBreak
UnhandledExceptionFilter
TlsGetValue
LoadLibraryExA
GetBinaryTypeW
CompareFileTime
CreateFileA
GetComputerNameW

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45b22bd5bb441802a39b0307b37f6fab

Headers

File Characteristics

PDB Paths

Imports

msvcrt

shlwapi

user32

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 76KB

.rsrc Size: 111KB - Virtual size: 110KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 76KB

.rsrc
Size: 111KB - Virtual size: 110KB

.reloc
Size: 1KB - Virtual size: 1KB