fb70a819ceaeb3cb398982acb9360b67_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb70a819ceaeb3cb398982acb9360b67_JaffaCakes118
Size

180KB
MD5

fb70a819ceaeb3cb398982acb9360b67
SHA1

d171bcbd5c337de267a62cf5b1f4198e97598266
SHA256

81b49c87c171a9bc5452c9476e7d18d13e15f13c4c42ba0766a26d82b231b1e4
SHA512

1b129e3555ba1bbb4dfbc8a3a53a459e474afe0999613e47d88c6ca30bd22b1624a4657512d2a8ba5a567b64fe7dce72aefcd23c74a547269ddf6cb260fc48dc
SSDEEP

3072:mWMQFmL3atKTjmNpmUwfKBDF21vd010wOWW/PW58sMJM9MY3Yq:hmL8KTjmPmU0iR25S1wrG58s7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb70a819ceaeb3cb398982acb9360b67_JaffaCakes118

Files

fb70a819ceaeb3cb398982acb9360b67_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f40b9216e2165c03686a28c497f26429

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\ocsozjl\WbyuGvHOu\aqjxxxgTR\DeszCWJqP\sXkrbcQam.pdb

Imports

user32

LoadCursorW
CloseDesktop
DrawFocusRect
DragObject
ChildWindowFromPoint
GetCaretPos
GetDlgItem
PostMessageA
RegisterHotKey
IsCharAlphaW
AppendMenuA
SetWindowPos
BringWindowToTop
CheckDlgButton
DefFrameProcW
PostQuitMessage
OpenIcon
DialogBoxIndirectParamW
CreateAcceleratorTableW
EnableMenuItem
ScreenToClient
SetActiveWindow
SetMenuItemBitmaps
CreateDialogIndirectParamW
wvsprintfW
CreateIconFromResource
CharToOemW
ChangeMenuW
SendMessageA
OffsetRect
GetMenuItemRect
SetMenuItemInfoW
AppendMenuW
CreateDialogParamW
DrawStateW
RegisterWindowMessageW
GetWindowTextW
GetMenuItemCount
CheckMenuRadioItem
GetClassInfoA
SendNotifyMessageW
SetMenu
DrawIconEx
GetScrollRange
IsDialogMessageA
RegisterClassExA
DrawTextW
DrawIcon
EndPaint
LoadAcceleratorsW
AdjustWindowRectEx
OpenDesktopW
AttachThreadInput
AllowSetForegroundWindow
CallWindowProcW
GetWindowDC
MessageBoxExA
DestroyMenu
ModifyMenuW
ActivateKeyboardLayout
DispatchMessageA
MonitorFromRect
IntersectRect
SetParent
LockWindowUpdate
DefDlgProcA
IsZoomed
CharLowerBuffW
DestroyCaret
MapDialogRect
GetWindowRect
IsCharUpperA
GetKeyboardLayoutNameW
TrackPopupMenuEx
GetDCEx
CheckMenuItem
SetCaretPos
InvalidateRect
IsRectEmpty
GetSystemMetrics
GetUpdateRect
CharPrevA
RegisterWindowMessageA
ReplyMessage
LoadBitmapW
DestroyAcceleratorTable
IsWindowUnicode
GetMenuState
SetLastErrorEx
GetKeyboardType
GetUpdateRgn
CharUpperBuffA
EqualRect
GetDoubleClickTime
GetShellWindow
MapWindowPoints
CharLowerW
GetSubMenu
EnableWindow
GetScrollPos
MessageBoxA
GetWindowPlacement
CharNextA
IsDialogMessageW
LoadImageA
SetScrollInfo
GetWindow
RegisterClassExW
OemToCharA
InSendMessage
BeginPaint
GetDlgItemTextW
CharUpperBuffW
SetDlgItemInt
EnumChildWindows
HideCaret
FindWindowA
OpenInputDesktop
SetPropW
CheckRadioButton

shlwapi

PathIsUNCA

msvcrt

setvbuf
memset
_controlfp
putchar
__set_app_type
gmtime
wcsncpy
wcstoul
wcscoll
exit
puts
__p__fmode
setlocale
rand
putc
floor
fwrite
__p__commode
wcstol
strtol
strpbrk
ungetc
_amsg_exit
mbtowc
_initterm
_ismbblead
fputs
isxdigit
_XcptFilter
fread
vsprintf
strerror
mktime
_exit
_cexit
iswctype
wcsstr
isprint
strcoll
wcstombs
qsort
__setusermatherr
strcspn
malloc
__getmainargs
free
wcspbrk
strrchr
calloc
fseek

kernel32

LocalFree
WaitForMultipleObjectsEx
CloseHandle
GetWindowsDirectoryW
CancelIo
GetCommState
lstrcatA
GlobalHandle
SetFileAttributesW
IsDBCSLeadByte
IsBadReadPtr
GetFullPathNameW
LocalReAlloc
IsBadCodePtr
GlobalDeleteAtom
SetFilePointer
GetLocalTime
SetHandleCount
GetComputerNameExA
GetTempFileNameA
VirtualProtect
lstrcpyA
lstrcatW
EnumResourceNamesW
GetSystemDefaultLangID
SizeofResource
CreateWaitableTimerW
GetComputerNameA
GetWindowsDirectoryA
HeapAlloc
SetSystemTimeAdjustment
HeapValidate
GlobalAddAtomW
lstrcmpiW
LockFile
VerSetConditionMask
SetUnhandledExceptionFilter
EnumResourceNamesA
SearchPathW
GetOverlappedResult
GetTempFileNameW
GetSystemDirectoryW
GetFileSize
HeapFree
SetMailslotInfo
VerifyVersionInfoW
ReadFile
FileTimeToDosDateTime
ResetEvent
SetThreadPriority
FreeLibrary
GetSystemWindowsDirectoryW
GetHandleInformation
GetLocaleInfoA
EnumSystemLocalesA

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f40b9216e2165c03686a28c497f26429

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 512B - Virtual size: 184KB

.ips3 Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 42KB - Virtual size: 41KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 512B - Virtual size: 184KB

.ips3
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 2KB - Virtual size: 1KB