fcfed246fb7189abf69be6e01fdc48c3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fcfed246fb7189abf69be6e01fdc48c3_JaffaCakes118
Size

207KB
MD5

fcfed246fb7189abf69be6e01fdc48c3
SHA1

6174a7e9c6b29ce10fa4df221898f357ec4cd60c
SHA256

44d115e6bc671cdd9776f8cce9c15db434bf9d68d7b3b678aaa2d8cf476547ee
SHA512

59844214abc5ae501d3d7148942eb033aba8b63dce19fcff82a4e22de97249bb319e7bb2f45350b61711363a1707a62bad3c08e9a403512f6d53c79cc837ae5c
SSDEEP

3072:h9EHoyEfcefBjvLUrUQxo6aeYON/LDXzPvYfcrRsCdEPF6a4U2EOUx6Z9oXYHqOM:wHCtwjSedtcfcrRw6a4eOUYb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcfed246fb7189abf69be6e01fdc48c3_JaffaCakes118

Files

fcfed246fb7189abf69be6e01fdc48c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3731b4e13d220b6efe826e87d063560a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\hbdxpfHr\dlwSVQWrNX\NMvvLync.pdb

Imports

comdlg32

GetSaveFileNameA
ReplaceTextW
PrintDlgExW
GetSaveFileNameW
ChooseFontW

gdi32

GetSystemPaletteUse
SetDIBColorTable
MoveToEx
LineDDA
EnumFontFamiliesExW
GetLayout
CreateRoundRectRgn
AddFontResourceW
GetPixel
SetPaletteEntries
SetDIBits
Polyline
OffsetRgn
GetNearestPaletteIndex
GetTextExtentPoint32A
CreateFontIndirectA
ExtTextOutA
PtVisible
GetObjectW
SaveDC
TranslateCharsetInfo
ResizePalette
CreateFontW
GetFontData
GetTextAlign
GetCharWidth32W
StretchBlt
CreatePenIndirect
CreatePalette
EnumFontsW
GetStockObject
GetTextExtentPointW
GetCurrentObject
GetObjectA
TextOutW
RectInRegion
GetSystemPaletteEntries
PolyBezier
RoundRect
GetBkMode
GetNearestColor
GetTextFaceW
Polygon
GetTextExtentExPointW
EnumFontFamiliesW
SetViewportOrgEx
RestoreDC
IntersectClipRect
CreateCompatibleDC
DeleteDC
SetAbortProc
SetRectRgn
StartDocW

user32

SetDlgItemTextA
DrawIcon
OpenIcon
GetMenuItemRect
SetWindowRgn
LoadImageA
CreateIconFromResource
HiliteMenuItem
IsCharAlphaNumericW
MapDialogRect
GetNextDlgGroupItem
IsWindowUnicode
GetParent
GetCaretPos
LoadBitmapA
TranslateAcceleratorW
MessageBoxExA
DialogBoxIndirectParamA
UpdateWindow
PostThreadMessageA
SetFocus
GetUserObjectInformationW
RemovePropW
DrawTextA
BeginPaint
GetMenuStringW
EnumChildWindows
SetWindowLongW
PeekMessageA
GetSysColorBrush
DestroyMenu
GetActiveWindow
GetScrollInfo
EndDialog
RegisterClassExA
GetLastActivePopup
CreateAcceleratorTableW
wvsprintfW
IsWindow
GetMenuItemID
LoadBitmapW
GetSystemMetrics
DestroyCaret
IntersectRect
DragObject
GetWindowLongA
RemoveMenu
EndTask
WindowFromPoint
CharToOemW
SystemParametersInfoA
GetMessageA
VkKeyScanW
IsCharUpperA
InvalidateRect
CheckDlgButton
CharUpperBuffW
CallWindowProcA
OpenDesktopW
AttachThreadInput
UnionRect
GetClassInfoW
EnableWindow
WaitForInputIdle
DestroyIcon
GetScrollRange
CharToOemBuffA
SetForegroundWindow
GetForegroundWindow
DrawStateA
RegisterClassExW
EnumWindows
GetDlgItem
MapWindowPoints
MonitorFromRect
UnloadKeyboardLayout
OpenInputDesktop
WaitMessage
LoadAcceleratorsW
SetMenuItemInfoW
SetRect
InSendMessage
ChangeMenuW
DialogBoxParamA
SetSysColors
CopyRect
IsRectEmpty
OemToCharBuffA
LoadMenuW
PtInRect
PostMessageW
GetKeyboardLayout
SetScrollInfo
InternalGetWindowText
RegisterClassA
LockWindowUpdate
DestroyAcceleratorTable
FindWindowExA
LoadStringW
GetWindowRect
SendMessageA
EndPaint
CheckMenuRadioItem
CreateIconIndirect
DefDlgProcW
CallWindowProcW
SetCursorPos
DrawMenuBar
GetWindowDC
LoadAcceleratorsA
IsWindowEnabled
GetMenuCheckMarkDimensions
GetMenuState
ReleaseDC
FindWindowExW
CharUpperW
GetClientRect
GetFocus
CloseDesktop
IsCharLowerA
SetPropW
AppendMenuW
GetMessageTime
DrawEdge
TranslateAcceleratorA
ScrollWindowEx
LookupIconIdFromDirectory
CreateWindowExA

msvcrt

iswalpha
wcstoul
clearerr
_controlfp
strstr
qsort
ftell
swscanf
__set_app_type
iswspace
fputc
wcscoll
__p__fmode
wcschr
__p__commode
vswprintf
fgetc
wcstod
strtoul
strncmp
time
puts
isupper
_amsg_exit
_initterm
strrchr
fgets
calloc
floor
wcsncpy
sscanf
atoi
_acmdln
printf
fread
rand
towlower
exit
_ismbblead
_XcptFilter
_exit
swprintf
memset
fclose
strcoll
_cexit
wcsrchr
__setusermatherr
__getmainargs
wcstombs
iswdigit
gets

kernel32

GetModuleFileNameA
GetCurrentDirectoryW
UnhandledExceptionFilter
SetCommMask
CreateMutexW
MoveFileExA
AddAtomA
GlobalGetAtomNameW
GetSystemDefaultUILanguage
CreateFileW
OpenFile
GetThreadContext
SetWaitableTimer
SizeofResource
ReadFile
GlobalAddAtomA
SetFileAttributesA
LoadLibraryExA
CreateFileA
GetFileAttributesExW
FileTimeToSystemTime
HeapSize
lstrcatW
GetCompressedFileSizeW
CreateWaitableTimerW
HeapAlloc
GetUserDefaultLCID
CloseHandle
GetComputerNameExW
lstrlenA
HeapValidate
GetStartupInfoA
SetPriorityClass
GlobalUnlock
FileTimeToLocalFileTime
GetModuleHandleA
GetStringTypeExW
FindNextFileA
GetCommandLineW
GetCommProperties
SetCommBreak
DeleteCriticalSection
SetThreadExecutionState
CancelWaitableTimer
ConnectNamedPipe
LocalLock
GetShortPathNameW
SetFileAttributesW
GetModuleFileNameW
LocalAlloc
WideCharToMultiByte
SetThreadPriority
SetCommTimeouts
GetLongPathNameW
MulDiv
GetTempFileNameA
GlobalGetAtomNameA
EnumResourceLanguagesA

Exports

Exports

?FreeArgumentW@@IJME@X
?CancelWindowExW@@IJ_NI@X
?OnModuleA@@IJMJM@X
?GenerateHeight@@IJXPAHKPAM@X

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cfg1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pcode
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cfg3
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3731b4e13d220b6efe826e87d063560a

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 121KB - Virtual size: 120KB

.import Size: 1KB - Virtual size: 1KB

.rdata Size: 6KB - Virtual size: 6KB

.cfg1 Size: 512B - Virtual size: 44B

.pcode Size: 13KB - Virtual size: 12KB

.cfg2 Size: 512B - Virtual size: 44B

.cfg3 Size: 512B - Virtual size: 296B

.data Size: 2KB - Virtual size: 8KB

.rsrc Size: 59KB - Virtual size: 58KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 121KB - Virtual size: 120KB

.import
Size: 1KB - Virtual size: 1KB

.rdata
Size: 6KB - Virtual size: 6KB

.cfg1
Size: 512B - Virtual size: 44B

.pcode
Size: 13KB - Virtual size: 12KB

.cfg2
Size: 512B - Virtual size: 44B

.cfg3
Size: 512B - Virtual size: 296B

.data
Size: 2KB - Virtual size: 8KB

.rsrc
Size: 59KB - Virtual size: 58KB

.reloc
Size: 2KB - Virtual size: 1KB