f57773fa4691bfed10c3a2b8e72755cd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f57773fa4691bfed10c3a2b8e72755cd_JaffaCakes118
Size

201KB
MD5

f57773fa4691bfed10c3a2b8e72755cd
SHA1

f41f543392c32940e9dafb67bc4d49ad6829247a
SHA256

2697af40972cf261c1a85892f71ff34ea808824efdc5da5cea091a57ebe1b91c
SHA512

4495cb5ae4b4ac7168f4dc879e69d36b97b1c373c709f1eb46256e5bda24e9f0161708a5bbe7d9c8fadc45c1bcafc9afb860f1ee9fa30e2c45ffccb494cb6a69
SSDEEP

3072:PTzPT81X+oXIs25sDCkIcm0RTnXkhq99id8OaNSQzMJ50iRq+yJOi77a2vqdZO0z:rzb0gknV0hdQEJHbywa7aoqdZ9WL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f57773fa4691bfed10c3a2b8e72755cd_JaffaCakes118

Files

f57773fa4691bfed10c3a2b8e72755cd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ca4e6b7645e5eb136ada7c3ce3b2ed9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\UoyZzumdfxfFg\cqptZBSYxve\uuQQmvwrGvkq.pdb

Imports

shlwapi

PathIsUNCA

comdlg32

PrintDlgW
ChooseColorW
GetSaveFileNameA
ChooseFontW
GetOpenFileNameW

user32

SendMessageA
GetFocus
LoadImageW
DestroyCaret
GetKeyboardLayoutList
GetClassInfoExA
ShowScrollBar
CharUpperBuffA
CreateAcceleratorTableW
SetWindowPlacement
GetNextDlgTabItem
SendNotifyMessageW
RemoveMenu
wsprintfA
DrawFrameControl
SendDlgItemMessageW
MessageBoxExW
GetWindow
FindWindowExW
GetMenuItemInfoW
UpdateWindow
GetMenuItemRect
SetLastErrorEx
InflateRect
DrawTextA
IsZoomed
DeferWindowPos
GetNextDlgGroupItem
RegisterHotKey
IsDialogMessageA
IsCharUpperA
DialogBoxIndirectParamA
GetUpdateRect
PostThreadMessageA
GetSystemMenu
CallWindowProcA
SetWindowPos
SystemParametersInfoA
CreatePopupMenu
SetPropW
ChildWindowFromPointEx
LockWindowUpdate
GetUserObjectInformationA
AppendMenuA
GetClassInfoExW
InsertMenuItemW
IsDialogMessageW
LoadCursorA
DispatchMessageW
GetMenuItemID
GetIconInfo
GetCaretPos
EnableWindow
ReplyMessage
WindowFromPoint
GetMessageW
GetTopWindow
ScrollWindowEx
DrawEdge
FillRect
GetMonitorInfoW
RegisterWindowMessageW
BeginPaint
ArrangeIconicWindows
RegisterWindowMessageA
SendInput
SetMenu
MapVirtualKeyA
GetMessageExtraInfo
DestroyMenu
AllowSetForegroundWindow
InSendMessage
RemovePropW
SetForegroundWindow
DrawStateA
OpenIcon
CharLowerBuffW
MonitorFromRect
GetCursorPos
RegisterClassW
CheckMenuItem
BeginDeferWindowPos
SetDlgItemTextA
GetDlgItem
IsCharAlphaW
CreateDialogParamW
OemToCharBuffA
LoadMenuA
GetMenuState
GetWindowTextLengthW
CheckRadioButton
DefWindowProcA
DefFrameProcA
IsWindowUnicode
GetKeyState
CharToOemA
TileWindows
DestroyAcceleratorTable
IsWindow
DrawMenuBar
MapVirtualKeyExW
DestroyIcon
GetClipCursor
MessageBoxW
LoadIconW
ScrollWindow
SetCursorPos
ModifyMenuW
GetPropW
HiliteMenuItem
InvalidateRgn
AppendMenuW
EndDialog
SetWindowLongW
TranslateMessage
MessageBoxExA
ValidateRect
LoadImageA
CopyRect
GetClassLongW
SetRect

msvcrt

atoi
strcspn
vsprintf
isalnum
strtok
perror
strncpy
free
wcscspn
fwrite
_controlfp
time
iswdigit
__set_app_type
wcstod
fread
isdigit
__p__fmode
toupper
printf
__p__commode
_amsg_exit
puts
_initterm
fseek
clearerr
isupper
_ismbblead
towlower
malloc
isxdigit
setvbuf
fputs
mbstowcs
_XcptFilter
memset
atol
strerror
strtoul
_exit
swprintf
_cexit
fgets
__setusermatherr
iswctype
__getmainargs
qsort
realloc
wcstoul
strrchr

kernel32

TlsGetValue
FreeResource
RemoveDirectoryW
Sleep
LCMapStringW
CreateNamedPipeA
SetFilePointer
ResumeThread
CreatePipe
lstrcpyA
GetStartupInfoA
lstrlenW
GetCommConfig
AreFileApisANSI
GetWindowsDirectoryA
RegisterWaitForSingleObject
SetSystemTime
VirtualFree
WaitCommEvent
SetPriorityClass
GetFileAttributesExW
lstrcatW
TlsSetValue
VirtualProtect
GlobalFindAtomW
FileTimeToDosDateTime
IsBadWritePtr
GetTimeFormatA
CreateWaitableTimerA
GlobalMemoryStatus
SetFileTime
SuspendThread
SetHandleInformation
GetShortPathNameA
OpenFile
ResetEvent
GetCommState
FormatMessageW
CreateEventA
HeapWalk
RemoveDirectoryA
SetThreadPriority
GetLastError
SearchPathW
InitializeCriticalSection
GlobalAddAtomW
GetBinaryTypeA
GetSystemDefaultUILanguage
ExitThread
DeleteFileA
SetTimerQueueTimer
VirtualQuery
GetDateFormatA
EnumSystemLocalesA
DisconnectNamedPipe

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 1024B - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ca4e6b7645e5eb136ada7c3ce3b2ed9

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comdlg32

user32

msvcrt

kernel32

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 1024B - Virtual size: 184KB

.ips3 Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 49KB - Virtual size: 49KB

.rsrc Size: 115KB - Virtual size: 114KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 1024B - Virtual size: 184KB

.ips3
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 115KB - Virtual size: 114KB

.reloc
Size: 2KB - Virtual size: 1KB