fa9f11ac92ff66b24af0d2bc08fd3061_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa9f11ac92ff66b24af0d2bc08fd3061_JaffaCakes118
Size

60KB
MD5

fa9f11ac92ff66b24af0d2bc08fd3061
SHA1

85ac53134b6173c7f54b95b4d814348320798b05
SHA256

675bc799ed57fa96a32acf0baea68723f246106f2cb9a9c42acd230d3c2a5cd3
SHA512

755461ac7664b97365080b8242d00fcff350a2a9918af3a59c22077cf3df7c0e0065afe007857dac14ce3d5d9b5659eb471d4f0f13858afae493a70cfe116ead
SSDEEP

768:GTANmSXnJ0vS0Be06Zmbkx+uR8pNQVeqEbh9c8FgcZMVq2ZXhwfXXqVvKeBKGsJ5:QYJsjWo20pjrCJXhQXXqVieYJ/vhVNT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa9f11ac92ff66b24af0d2bc08fd3061_JaffaCakes118

Files

fa9f11ac92ff66b24af0d2bc08fd3061_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a3e39e7d77ddb1c19d85a67ceacb9927

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\Jwmckirg\UzqrzAh\UcbqXuvedQ\mAluegh\pagZIfigevHWhR.pdb

Imports

comdlg32

GetOpenFileNameW
ReplaceTextW
GetFileTitleW
GetSaveFileNameW

msvcrt

wcscmp
fputc
_controlfp
isalpha
mktime
rand
__set_app_type
fgetc
wcscpy
__p__fmode
wcschr
fflush
wcsncmp
srand
__p__commode
strcpy
_amsg_exit
isspace
setvbuf
perror
bsearch
_initterm
_ismbblead
strstr
wcscat
malloc
strpbrk
wcsrchr
localtime
atoi
realloc
iswprint
mbtowc
_XcptFilter
tolower
wcslen
_exit
floor
vswprintf
_cexit
fputs
__setusermatherr
__getmainargs
wcsstr
getc
clock
iswxdigit

user32

PeekMessageA
ShowOwnedPopups
TranslateMessage
DestroyIcon
GetUserObjectInformationW
IsWindowVisible
InsertMenuItemW
DrawMenuBar
GetMonitorInfoW
MessageBoxExW
BeginPaint
LoadMenuA
GetSysColorBrush
RegisterClassExW
GetClassInfoExW
GetLastActivePopup
DefDlgProcA
GetSystemMenu
GetDlgItemTextW
TrackPopupMenu
MapWindowPoints
PostQuitMessage
MoveWindow
GetScrollInfo
DefFrameProcA
IsCharAlphaA
PostMessageA
WaitForInputIdle
IsChild
WindowFromPoint
GetKeyboardLayoutNameW
AttachThreadInput
DispatchMessageA
CreateIconIndirect
GetIconInfo
AppendMenuW
GetActiveWindow
GetWindowPlacement
CloseDesktop
LoadAcceleratorsW
DestroyAcceleratorTable
RegisterClassA
InsertMenuW
GetWindowLongW
ScrollWindowEx
TranslateAcceleratorA
GetSystemMetrics
GetDlgItemInt
ScreenToClient
EqualRect
GetDCEx
ChildWindowFromPointEx
RegisterClassExA
EnableWindow
GetDlgItem
CharNextExA
EnumChildWindows
PostThreadMessageW
CharLowerW
SetWindowLongW
GetCaretPos
LoadCursorW
CharToOemA
SetLastErrorEx
SetWindowTextA
MessageBoxA
MessageBoxExA
SetUserObjectInformationW
EndPaint
GetCursorPos
SetMenuItemBitmaps
DefFrameProcW
SwitchToThisWindow
IsMenu
ShowCaret
ClipCursor
ModifyMenuW
AdjustWindowRectEx
LoadBitmapW
IsCharAlphaNumericW
UnloadKeyboardLayout
GetNextDlgGroupItem
OemToCharBuffA
GetMessageW
GetMenuItemID
GetWindow
GetTopWindow
EnableScrollBar
SendMessageW
CharPrevW
CreateWindowExA
EnumThreadWindows
GetClientRect
OpenDesktopW
GetSysColor
OemToCharA
GetMessageA
GetKeyboardLayout
EnumWindows
TrackPopupMenuEx
SendInput
GetSubMenu
TabbedTextOutW
CallWindowProcA
OpenIcon
SendMessageTimeoutA
PostMessageW
GetMessageExtraInfo
DefWindowProcW
CharUpperBuffA
DrawIconEx
SendNotifyMessageW
wvsprintfA
GetWindowTextA
ReleaseDC
IsZoomed
CharLowerBuffW
LoadStringA
SetCaretPos
CheckDlgButton
GetMenuState
CreateWindowExW
CharNextA

kernel32

SystemTimeToFileTime
FlushFileBuffers
SetFileAttributesW
GetVersionExW
ReleaseMutex
CreateMailslotW
GetTempPathA
TerminateThread
SetSystemTime
FindCloseChangeNotification
lstrlenA
GetBinaryTypeW
CopyFileW
GlobalFindAtomW
CreateFileMappingA
GetCurrentThreadId
CreateThread
OpenFile
lstrcmpiW
LoadLibraryA
GetFullPathNameA
GetShortPathNameW
SizeofResource
GetFileAttributesExW
LocalAlloc
ReadFile
SetErrorMode
GetUserDefaultLangID
SetupComm
GetCurrentThread
TlsGetValue
SuspendThread
GetModuleFileNameA
CancelIo
WinExec
GetLastError
GetHandleInformation
FindResourceExA
DeleteFileW
CompareStringW
GetTickCount
lstrcmpiA
AreFileApisANSI
lstrcpynA
GetSystemWindowsDirectoryA
GlobalAlloc
GetLongPathNameW
FindResourceExW
CreateFileA
RaiseException
GetCommConfig
UnmapViewOfFile
VirtualProtect
FormatMessageA
CreateNamedPipeA

Exports

Exports

?ExtractOptions@@YGK_KHE[D

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.div
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3e39e7d77ddb1c19d85a67ceacb9927

Headers

File Characteristics

PDB Paths

Imports

comdlg32

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.idata Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 118B

.div Size: 512B - Virtual size: 128B

.data Size: 2KB - Virtual size: 51KB

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.idata
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 118B

.div
Size: 512B - Virtual size: 128B

.data
Size: 2KB - Virtual size: 51KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 1KB - Virtual size: 1KB