f4eb17fe9355dfc5610753489baf3153_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4eb17fe9355dfc5610753489baf3153_JaffaCakes118
Size

187KB
MD5

f4eb17fe9355dfc5610753489baf3153
SHA1

684c0e1f96a328dcd1c841f856b15dbb27613f6d
SHA256

4922c4ee20c3fcc0f93561e56dadbba690dde160826a69c3b80b41a9ac533ff4
SHA512

fc5f8f178270d1583e92660e761b1409052fdde31c7969a92540656577087ab956369bbb62cb6ba4d5a5f55c976d918a71b167ebb6d51d207432adddc64cd616
SSDEEP

3072:jFutei7yssP9Iqq6lOu84CyZK9Jqt/63kJ3l3RmbJ1X5WIuLqwgLJf9LnH/W:jegssP91qYFlYMl3RwbEInwovHu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4eb17fe9355dfc5610753489baf3153_JaffaCakes118

Files

f4eb17fe9355dfc5610753489baf3153_JaffaCakes118
.exe windows:5 windows x86 arch:x86

57f20f3e66c15f2edb02ed904076798e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\sGccKkzJacalg\wiegifkNnqy\pqvswsnUeooior.pdb

Imports

msvcrt

swscanf
isprint
iswalpha
_controlfp
isspace
iswctype
__set_app_type
__p__fmode
__p__commode
getenv
floor
_amsg_exit
_initterm
strpbrk
setvbuf
printf
_acmdln
iswspace
wcstok
exit
wcscat
gets
system
vsprintf
free
wcschr
mbstowcs
strcspn
isalpha
_ismbblead
tolower
_XcptFilter
remove
vswprintf
fgetc
fflush
putc
_exit
wcscpy
fputs
wcstombs
_cexit
__setusermatherr
strstr
__getmainargs
towlower
fread
fprintf

comctl32

ImageList_Destroy
CreateStatusWindowW
PropertySheetA
ImageList_AddMasked
ImageList_Draw
CreatePropertySheetPageA

user32

EqualRect
LoadBitmapW
SetParent
CallWindowProcA
GetWindowLongW
WindowFromPoint
CreateIconIndirect
CharUpperW
GetLastActivePopup
GetMenuStringA
HideCaret
InvertRect
SendNotifyMessageW
CharToOemW
SetCursor
IsChild
ChangeMenuW
GetMenuCheckMarkDimensions
GetDlgItem
EnumThreadWindows
IsWindow
CheckMenuItem
SetTimer
DeleteMenu
DrawStateW
GetMessageW
ShowWindowAsync
GetScrollPos
IsCharLowerA
ClientToScreen
GetKeyboardType
DrawFocusRect
GetWindowTextW
AppendMenuA
GetSubMenu
InvalidateRgn
SetWindowLongA
GetCaretPos
CharUpperA
CreateDialogIndirectParamW
DialogBoxParamW
GetClipCursor
GetClassNameW
GetForegroundWindow
GetClassInfoA
SystemParametersInfoW
CharNextA
SendMessageTimeoutW
TranslateAcceleratorA
LoadMenuA
DrawTextExW
SetMenuItemBitmaps
BringWindowToTop
LockWindowUpdate
InflateRect
WaitForInputIdle
IsDialogMessageA
MapWindowPoints
DrawEdge
FindWindowW
SetMenu
GetShellWindow
RegisterClassA
CreateWindowExA
CallWindowProcW
BeginDeferWindowPos
TileWindows
ScrollWindow
GetWindowTextA
SetWindowPlacement
GetCursorPos
GetScrollRange
InSendMessageEx
TrackPopupMenu
CharToOemBuffA
AdjustWindowRect
SetMenuItemInfoW
UpdateWindow
GetSystemMetrics
SetMenuDefaultItem
CreateMenu
IsWindowVisible
GetMenuStringW
CreateCaret
SetWindowPos
CopyImage
DrawTextA
SendMessageTimeoutA
CreateIconFromResource
GetWindowRect
GetKeyboardLayout
HiliteMenuItem
SetLastErrorEx
LoadImageW
LookupIconIdFromDirectory
PostMessageA
UnionRect
keybd_event
DialogBoxIndirectParamW
DefFrameProcW
SendMessageW
GetScrollInfo
SetWindowTextA
GetTopWindow
MessageBoxW
ShowWindow
LoadAcceleratorsA
SetDlgItemTextA
GrayStringW
CopyRect
UnloadKeyboardLayout
DefFrameProcA
DestroyCursor
DestroyIcon
CopyAcceleratorTableW
DrawStateA
SendInput
IsDialogMessageW

comdlg32

PageSetupDlgW
ChooseFontW
FindTextW
GetFileTitleW
PrintDlgExW
GetOpenFileNameA

gdi32

EndPage
TranslateCharsetInfo
LPtoDP
CreatePatternBrush
RoundRect
SetBitmapDimensionEx
CreateFontIndirectW
PtVisible
GetTextMetricsW
GetWindowOrgEx
CreateDIBitmap
StretchDIBits
SetBkColor
OffsetViewportOrgEx
SetDIBitsToDevice
GetRgnBox
GetObjectW
GetNearestColor
CreateBitmap
GetTextExtentExPointW
SetBrushOrgEx
GetClipBox
ExcludeClipRect
GetDeviceCaps
GetLayout
SetWindowExtEx
CreateBitmapIndirect
ExtTextOutA
Rectangle
ScaleViewportExtEx
RectVisible
CreateFontA
RealizePalette
CreateHatchBrush
PatBlt
SetTextAlign
EnumFontFamiliesExW
SetPixel
BitBlt
RestoreDC
PolyBezier
GetSystemPaletteUse
GetSystemPaletteEntries
LineDDA
SetROP2
EndDoc
GetMapMode
DeleteDC

shlwapi

StrChrIA

kernel32

CreateEventW
WaitForMultipleObjectsEx
GetModuleHandleA
SetMailslotInfo
lstrcpyA
lstrcmpA
MapViewOfFile
GlobalCompact
GlobalUnlock
GetFileTime
HeapCreate
GetCommProperties
SearchPathW
FileTimeToDosDateTime
HeapValidate
SizeofResource
SetThreadExecutionState
GetTempFileNameA
lstrcpyW
VerSetConditionMask
CreateSemaphoreW
GlobalFindAtomW
RegisterWaitForSingleObject
FoldStringW
GetComputerNameA
GetModuleFileNameA
GetSystemTimeAsFileTime
GetAtomNameA
SuspendThread
SetThreadPriority
IsBadReadPtr
GetWindowsDirectoryW
EscapeCommFunction
CloseHandle
GetModuleFileNameW
GlobalAddAtomW
GetSystemDirectoryA
SetFileApisToOEM
OpenEventW
TlsSetValue
LoadLibraryExW
LoadLibraryA
HeapReAlloc
GetStartupInfoA
VirtualAlloc
IsDBCSLeadByte
WaitForSingleObject
CreateEventA
LCMapStringA
GetFileAttributesExA
HeapWalk
GetSystemWindowsDirectoryW
ClearCommError
RemoveDirectoryA

Exports

Exports

?GlobalArgumentExW@@YGPAX_NJ~U
?IsDeviceExW@@YGKDF_N~U
?ExecuteLoaderTrayXBwyGD@@YGKGHE@Z
?KillCommandLineNew@@YGMJMPAGG~U
?RtlSizeNew@@YGPAJPAKIPAK_N~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ticx
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zdata
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57f20f3e66c15f2edb02ed904076798e

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

user32

comdlg32

gdi32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.ticx Size: 6KB - Virtual size: 6KB

.zdata Size: 512B - Virtual size: 232B

.data Size: 3KB - Virtual size: 355KB

.rsrc Size: 152KB - Virtual size: 152KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.ticx
Size: 6KB - Virtual size: 6KB

.zdata
Size: 512B - Virtual size: 232B

.data
Size: 3KB - Virtual size: 355KB

.rsrc
Size: 152KB - Virtual size: 152KB

.reloc
Size: 2KB - Virtual size: 1KB