f4e1e915b192645f967b7e8ec4c07272_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4e1e915b192645f967b7e8ec4c07272_JaffaCakes118
Size

210KB
MD5

f4e1e915b192645f967b7e8ec4c07272
SHA1

61cdd5bdd75e0d1a2e26fb15ef8fe8be708a1e46
SHA256

e0c049ce0a29fa62c3343d55ebd1124647bf91498863b39c17826063919c858b
SHA512

3d206743310522d181f9bdf9cf2af8f797a3abc0355da757fc7e10a730f34de4932a448fb2a295525e86c0021ff1a28b4ebd46edf31adddc618aa1a5c528a9ba
SSDEEP

6144:o7A71j+tVIUnuOmIvPtrPHVEV1cT3HGYC6INi:FEtVln5m8pKwmJi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4e1e915b192645f967b7e8ec4c07272_JaffaCakes118

Files

f4e1e915b192645f967b7e8ec4c07272_JaffaCakes118
.exe windows:5 windows x86 arch:x86

62bf0e396d2f56c8f57fe61c12e6fd2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\ZhevxcKvtrr\nkxefjkvdKJEit\hnssNheoNsi.pdb

Imports

comdlg32

PrintDlgW
FindTextW
GetOpenFileNameA
GetFileTitleW
PageSetupDlgW

user32

GetMessageTime
DrawEdge
GetDC
IsMenu
LockWindowUpdate
CharUpperBuffW
WaitMessage
SendMessageW
SystemParametersInfoW
SetScrollInfo
GetMenuItemCount
HiliteMenuItem
DrawStateA
EndTask
DestroyCursor
GetMessageW
GetMenuStringW
GetWindowTextA
UpdateWindow
GetWindowRect
ShowCursor
SetScrollPos
GetClassInfoExW
DestroyAcceleratorTable
DialogBoxIndirectParamW
SystemParametersInfoA
CreateCaret
MonitorFromRect
SetPropW
GetNextDlgTabItem
CheckRadioButton
wsprintfA
SetCursor
GetMessageExtraInfo
SetMenuItemInfoW
CharUpperBuffA
LoadStringW
DeleteMenu
DestroyWindow
GetClipCursor
GetTopWindow
GetNextDlgGroupItem
ClipCursor
ActivateKeyboardLayout
ReplyMessage
ShowWindowAsync
LoadCursorW
DefFrameProcW
CharPrevA
FrameRect
InvalidateRgn
EnableWindow
TrackPopupMenuEx
GetSysColor
CheckMenuItem
RegisterHotKey
MapVirtualKeyExW
CopyAcceleratorTableW
GetMessageA
RemoveMenu
RegisterWindowMessageW
GetKeyState
IsDialogMessageA
OpenInputDesktop
GetDCEx
GetForegroundWindow
LoadImageW
ScrollWindow
RedrawWindow
DrawFocusRect
GetKeyboardLayout
CreatePopupMenu
MonitorFromPoint
FindWindowExA
CallWindowProcA
FindWindowA
IsWindow
ChildWindowFromPointEx
GetDlgItem
SetActiveWindow
InSendMessage
PostThreadMessageA
GetDoubleClickTime
GetPropW
SetMenuItemBitmaps
LoadImageA
SetScrollRange
GetSubMenu

msvcrt

wcsncmp
_controlfp
__set_app_type
__p__fmode
swprintf
getenv
qsort
wcsncpy
ftell
__p__commode
sscanf
_amsg_exit
wcscpy
atoi
iswxdigit
isprint
strtoul
_initterm
wcstoul
_acmdln
islower
wcscat
calloc
system
exit
fputs
_ismbblead
_XcptFilter
isupper
_exit
toupper
_cexit
__setusermatherr
fseek
iswprint
strspn
__getmainargs
strtok

gdi32

GetClipBox
Escape
SelectObject
EndPath
LPtoDP
CreateCompatibleBitmap
BeginPath
SetDIBitsToDevice
SetPixel
Polyline
GetTextMetricsW
SetRectRgn
CombineRgn
SelectClipRgn
SetLayout
SetTextColor
GetFontData
ScaleViewportExtEx
StartDocW
EndDoc
IntersectClipRect
DeleteDC
CreateBrushIndirect
PolyBezier
GetTextExtentExPointW
GetRgnBox
SetViewportExtEx
DPtoLP
CreateHalftonePalette
GetLayout
EndPage
SetBitmapDimensionEx
GetTextExtentPoint32W
SelectPalette
SaveDC
EnumFontFamiliesExW
FillRgn

shlwapi

PathStripPathW

kernel32

SetHandleCount
VirtualProtect
SetFileTime
FindNextChangeNotification
GetStdHandle
MulDiv
GetFileInformationByHandle
CancelWaitableTimer
VerifyVersionInfoW
CompareFileTime
TlsSetValue
QueryDosDeviceW
GetShortPathNameA
HeapSize
GetTempPathW
GetUserDefaultUILanguage
BuildCommDCBAndTimeoutsW
CancelIo
DeleteFileW
UnlockFile
GlobalFree
GetNumberFormatW
GetComputerNameA
WaitCommEvent
FindFirstChangeNotificationW
GetLastError
lstrcpynA
TlsFree
PulseEvent
LeaveCriticalSection
GetTickCount
SetCommMask
GetUserDefaultLCID
CreateFileW
CompareStringA
OpenFileMappingA
GetSystemTime
SleepEx
LoadLibraryW
GetCommTimeouts
ClearCommError

Exports

Exports

?SleepAhHJDud@@YGKEPA_WG@Z
?SleepUDSUDlkdlsds@@YGKEPA_WG@Z
?SleepUDudjkUD@@YGKEPA_WG@Z
?SleepYDyjDuUI@@YGKEPA_WG@Z

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 323B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62bf0e396d2f56c8f57fe61c12e6fd2b

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

msvcrt

gdi32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 78KB - Virtual size: 78KB

.edata Size: 512B - Virtual size: 323B

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 1024B - Virtual size: 60KB

.rsrc Size: 111KB - Virtual size: 111KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 78KB - Virtual size: 78KB

.edata
Size: 512B - Virtual size: 323B

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 1024B - Virtual size: 60KB

.rsrc
Size: 111KB - Virtual size: 111KB

.reloc
Size: 2KB - Virtual size: 1KB