fcf8d98449e1c8da01bc7481367b1e0b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fcf8d98449e1c8da01bc7481367b1e0b_JaffaCakes118
Size

218KB
MD5

fcf8d98449e1c8da01bc7481367b1e0b
SHA1

700a7e303dc1c44420255f7aba1c5ded2d6a8d68
SHA256

2965316448584fc1daf50ca22fe6bd4d06bed91f739a970861c71b824638b8a9
SHA512

8069b5cc895944f5df06fd155cbd19bbc31ff56bece7ea342b197ea316bd5ad790b9382b90732f145c8b9d6e8cf66469257adb0fb9d441779c34b06219f4d88a
SSDEEP

3072:3BXd3Or1apPiFLUrAhhYAZYKeymchYiozS+Y1JSjTU/3GaX8eMJQc5RWXgsl+8B3:3hKEq5UrAhhZauh1+4JSs/3zGRet/Br

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcf8d98449e1c8da01bc7481367b1e0b_JaffaCakes118

Files

fcf8d98449e1c8da01bc7481367b1e0b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

97594c9f7d4baab0177883fd394238ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\ObEAsgpH\ndHwakv\rfvRwqWitpyQgp.pdb

Imports

user32

GetClassInfoW
GetScrollPos
HideCaret
DrawMenuBar
LoadCursorW
wsprintfW
ShowWindowAsync
MonitorFromPoint
LoadMenuW
CharPrevW
LockWindowUpdate
EqualRect
CharUpperA
RegisterClassA
MapWindowPoints
GetMessageTime
SetUserObjectInformationW
LookupIconIdFromDirectory
TileWindows
GetKeyboardType
GetTopWindow
SetWindowTextW
GetMenuItemCount
DrawIconEx
ShowWindow
DrawFrameControl
WindowFromPoint
GetDesktopWindow
MessageBoxExW
SetMenu
GetLastActivePopup
CreateWindowExA
GetPropW
BringWindowToTop
SetMenuItemBitmaps
ReleaseDC
SetFocus
DialogBoxParamA
GetWindowLongA
CallWindowProcA
SetScrollPos
LoadStringW
CharToOemW
MessageBoxW
UpdateWindow
LoadAcceleratorsA
DrawEdge
OemToCharA
LoadIconA
CheckRadioButton
DestroyAcceleratorTable
SendDlgItemMessageW
ReplyMessage
TranslateMessage
GetKeyboardLayoutList
CharUpperBuffA
ShowScrollBar
GetDlgItemTextA
GetClassInfoExW
TranslateAcceleratorW
GetMessageExtraInfo
GetNextDlgTabItem
DefFrameProcA
IsChild
InvalidateRect
CharNextExA
GetWindowTextLengthW
CreateMenu
SendDlgItemMessageA
SetRectEmpty
SendMessageW
AppendMenuA
CreateDialogParamW
GetClassLongA
GetUpdateRgn
GetMenuItemInfoW
DialogBoxIndirectParamW
PeekMessageA
GetKeyboardLayoutNameW
CascadeWindows
UnionRect
GetShellWindow
InSendMessageEx
GetCaretPos
EnableScrollBar
CreateIconIndirect
TrackPopupMenuEx
GetCursorPos
FindWindowA
RegisterWindowMessageA
LoadImageA
SetCursor
GrayStringW
CharLowerW
WaitForInputIdle
GetMonitorInfoW
GetDialogBaseUnits
ClipCursor
LoadBitmapA
GetMenuState
ChangeMenuW
CharPrevA
FindWindowExW
SetDlgItemTextA
TrackPopupMenu
InflateRect
RegisterClassExW
GetForegroundWindow
RegisterClassExA
DrawStateW
GetUserObjectInformationW
CreateAcceleratorTableW

comdlg32

ChooseColorW
ReplaceTextW
PrintDlgW
GetSaveFileNameA

msvcrt

strncpy
_controlfp
wcstol
fread
sscanf
isalnum
strtol
vsprintf
__set_app_type
wcstombs
swscanf
strcspn
__p__fmode
strncmp
srand
__p__commode
_amsg_exit
gets
isprint
wcsncmp
getenv
strstr
_initterm
iswspace
realloc
_acmdln
localtime
ftell
toupper
fputs
exit
wcstok
_ismbblead
_XcptFilter
printf
_exit
_cexit
wcsrchr
strpbrk
wcscat
__setusermatherr
calloc
__getmainargs
tolower
putchar
clock

gdi32

GetTextAlign
RectVisible
GetRgnBox
SetRectRgn
OffsetViewportOrgEx
GetCurrentObject
GetTextExtentPointA
PtInRegion
GetDIBColorTable
ExcludeClipRect
CreateFontIndirectA
DeleteObject
IntersectClipRect
GetClipBox
UnrealizeObject
GetNearestPaletteIndex
SetDIBColorTable
GetObjectA
CreateFontW
CombineRgn
SetROP2
GetBitmapBits
RectInRegion
SetBkColor
BeginPath
GetTextExtentPointW
BitBlt
GetCharWidth32W
DPtoLP
CreateFontIndirectW
StretchDIBits
SetDIBitsToDevice
GetDIBits
Ellipse
RoundRect
GetTextColor
GetTextExtentPoint32A
GetNearestColor
RemoveFontResourceW
GetViewportOrgEx
CreateHalftonePalette
PathToRegion
SelectObject
SetMapMode
SetTextAlign
SetViewportExtEx
AddFontResourceW

kernel32

GetThreadPriority
SizeofResource
GlobalGetAtomNameA
WaitForMultipleObjectsEx
HeapValidate
SearchPathA
SetCommMask
lstrcatA
LocalUnlock
DeleteCriticalSection
SetCurrentDirectoryA
GetTempPathW
SetMailslotInfo
GetBinaryTypeW
DeleteFileW
GetCurrentDirectoryW
RemoveDirectoryA
CreateFileW
EnterCriticalSection
SetThreadAffinityMask
GetComputerNameA
CreateThread
GetWindowsDirectoryW
SetEvent
CreateFileMappingA
ReadConsoleInputA
SetHandleCount
FindResourceA
GetCommState
GetCurrentProcessId
AreFileApisANSI
CreateWaitableTimerA
CloseHandle
FoldStringW
TlsSetValue
IsDBCSLeadByteEx
HeapLock
lstrlenA
IsBadReadPtr
GetShortPathNameW
OpenFileMappingA
TryEnterCriticalSection
WaitCommEvent
lstrcatW
GlobalFree
WaitForSingleObject
CreateMutexW
SetThreadPriority
GetBinaryTypeA
GetComputerNameW
GlobalMemoryStatus
LocalSize

Exports

Exports

?FindConfigOriginal@@YGPAXPAGPAGGPAF&U
?FreeExpressionExW@@YGKEKPAH&U
?IsNotPointEx@@YGXFJF&U
?RtlProviderNew@@YGNHHH&U
?SendSystemW@@YGPA_NM&U
?DateTimeExA@@YGXKHEI&U
?AddTimerExA@@YGPAF_NPAD&U
?CancelDataA@@YGIDFPAFE&U
?OnScreenW@@YGDFN&U
?FormatTaskExW@@YGMIJPAH&U
?FreeDateW@@YGPAEPAK&U
?ShowFullNameOld@@YGMEPAE&U
?SendTimerExW@@YGFDFF&U
?CallMediaType@@YGHIPAEJPAK&U
?FreeClassOriginal@@YGPAXPAFI&U
?EnumFunction@@YGXHPAKPAGJ&U
?FormatCommandLineExW@@YGGGEHK&U
?SetMemoryEx@@YGFPA_N&U
?CloseTaskExW@@YGPAIKPAEH&U
?GetDeviceNew@@YGXKJ&U
?RtlDeviceOld@@YGID&U
?ShowFileNew@@YGHPADHDG&U
?GetKeyNameExA@@YGXJHN&U
?GetFileExW@@YGMKNPAM&U
?InsertStringEx@@YGPAIJPAGPAKD&U
?PutCharOld@@YGFN&U
?RemoveKeyNameExA@@YGHIE&U
?IncrementProjectW@@YGPAGFPAJFK&U
?Process@@YGPAJD&U
?EnumKeyNameNew@@YGXGGEH&U
?FormatProcessExW@@YGPAMDPAHPAEPAM&U
?SendDateW@@YGXDFI&U
?RtlFilePath@@YGFPAMM&U
?AddWidthOld@@YGPAKID&U
?ValidateSizeOld@@YGDDPAJDPAI&U
?OnArgumentExA@@YGHMGM&U
?AddKeyboardOriginal@@YGKE_NEPAJ&U
?SetAnchorExA@@YGXIM&U
?IsNotComponentOld@@YGPAXFPAHHM&U

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imdat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vars3
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97594c9f7d4baab0177883fd394238ad

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

msvcrt

gdi32

kernel32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 74KB

.imdat Size: 1KB - Virtual size: 1KB

.edata Size: 1KB - Virtual size: 1KB

.vars3 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 67KB

.rsrc Size: 116KB - Virtual size: 116KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 75KB - Virtual size: 74KB

.imdat
Size: 1KB - Virtual size: 1KB

.edata
Size: 1KB - Virtual size: 1KB

.vars3
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 67KB

.rsrc
Size: 116KB - Virtual size: 116KB

.reloc
Size: 2KB - Virtual size: 1KB