fe420ef312e5ac8a3d3a03efa1e8d5c7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe420ef312e5ac8a3d3a03efa1e8d5c7_JaffaCakes118
Size

177KB
MD5

fe420ef312e5ac8a3d3a03efa1e8d5c7
SHA1

ca2e02421ff03e546edc66969ee9a65cc9511035
SHA256

fe32c1a176819e02aa3d9e9507372b6c79bdf01a3b4bcba16b39cbc6c44ae440
SHA512

065440f9ef64d36b9cb69bbe39868c3f020128be859fb6fa385bdecac16a18f6bfdf02fca29aea0ad28fc86dfc17d114fb2bc71f31d85a47aa0ffd71eac02445
SSDEEP

3072:19WgtEfgtUMVPXr5V+i01MyLetMwymrofHKxkAhJ73zJ8yw8z+HeZnD:pEypK2OetMBqyIBzbr5ZnD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe420ef312e5ac8a3d3a03efa1e8d5c7_JaffaCakes118

Files

fe420ef312e5ac8a3d3a03efa1e8d5c7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

76f5c2024ca3cbd4ee3a867588d047e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\Pqwnorx\bisJwkCwxp\rbYspGkWFicjc.pdb

Imports

user32

DrawEdge
DrawFrameControl
DrawMenuBar
GetMenuStringA
CascadeWindows
InvalidateRgn
FillRect
SetWindowLongA
SetScrollPos
GetTopWindow
ArrangeIconicWindows
MonitorFromRect
IsZoomed
LoadAcceleratorsA
DrawFocusRect
InSendMessage
TileWindows
DestroyCursor
CheckMenuItem
GetClassInfoW
GetClassInfoExA
GetClientRect
HiliteMenuItem
IsDialogMessageW
GetMenuCheckMarkDimensions
IntersectRect
UnionRect
RegisterWindowMessageA
SetWindowPlacement
GetMessagePos
LoadMenuW
ChangeMenuW
SystemParametersInfoW
RemoveMenu
WaitForInputIdle
MapVirtualKeyExW
DrawIconEx
CharNextExA
SendMessageA
GetNextDlgTabItem
GetSystemMenu
GetSysColor
LoadStringA
GetMessageA
CharUpperBuffW
ChildWindowFromPointEx
VkKeyScanA
CallWindowProcA
GetMenuItemCount
GetMenuState
RegisterClassA
DrawTextW
GetMonitorInfoW
RegisterClassExW
IsWindowUnicode
CharUpperBuffA
IsCharAlphaA
ScrollWindowEx
IsCharLowerA
ModifyMenuW
DialogBoxParamW
MapVirtualKeyW
SetMenuItemInfoW
MonitorFromPoint
FindWindowW
PostThreadMessageA
DestroyIcon
mouse_event
CreateIconIndirect
wvsprintfW
GetMenuItemRect
SetClassLongW
LockWindowUpdate
LoadBitmapW
SendMessageTimeoutW
wsprintfA
FindWindowA
MapDialogRect
WaitMessage
SetWindowPos
ClipCursor
SetMenuItemBitmaps
FindWindowExW
CreateCursor
GetWindowTextA
SetDlgItemTextA
CharPrevA
OpenInputDesktop
InflateRect
CheckRadioButton
MoveWindow
SetPropW
CreateDialogIndirectParamW
DefDlgProcA
CharUpperW
LoadStringW
InvalidateRect
SendDlgItemMessageA
GetForegroundWindow
EqualRect
LoadAcceleratorsW
TabbedTextOutW
TrackPopupMenuEx
LoadImageW
MessageBoxExA
GetWindowLongW
GetMessageW
RegisterWindowMessageW
GetWindowLongA
GetClassInfoExW
SetWindowRgn
SetUserObjectInformationW
GetUpdateRgn
GetClipCursor
PostMessageW
GetDC
LoadBitmapA
CreateMenu
GetWindow
InsertMenuW
DefFrameProcA
InsertMenuA
DispatchMessageA
ShowOwnedPopups

msvcrt

mbstowcs
strcoll
_controlfp
wcscspn
atoi
__set_app_type
setvbuf
srand
isdigit
wcschr
wcstombs
strncmp
strrchr
puts
strtol
gets
__p__fmode
clock
__p__commode
fgets
atol
_amsg_exit
putchar
swprintf
strncpy
isupper
_initterm
_ismbblead
_XcptFilter
isxdigit
towupper
malloc
_exit
_cexit
__setusermatherr
gmtime
vsprintf
ftell
system
vswprintf
wcscpy
__getmainargs
strcspn
bsearch
fputs
isalpha
strstr

kernel32

GetModuleFileNameA
IsBadWritePtr
LoadLibraryW
GetAtomNameW
lstrcpyA
GetCommProperties
GetCommandLineA
SetEndOfFile
CreateEventW
GetCommandLineW
FileTimeToDosDateTime
ReadFile
LockResource
DeleteAtom
FindResourceW
GetStartupInfoA
lstrlenA
GetModuleHandleA
OpenFileMappingW
SearchPathW
DuplicateHandle
FlushViewOfFile
VerSetConditionMask
SetThreadPriority
FreeLibrary
MulDiv
DeviceIoControl
CompareStringA
FormatMessageW
SetupComm
CreateRemoteThread
EnumResourceTypesA
GetCurrentDirectoryW
GlobalReAlloc
HeapUnlock
TransactNamedPipe
FindNextFileW
FindResourceA
lstrcpynA
RaiseException
QueryPerformanceCounter
SetCommTimeouts
GetStringTypeExW
AddAtomW
GetUserDefaultLangID
CreateFileW
GetTimeZoneInformation
GetTempPathA
VerifyVersionInfoW
GetOverlappedResult
GlobalSize
SetCommBreak
IsDBCSLeadByte
GetCommTimeouts
LockFile
OpenFileMappingA
ResumeThread

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.emnar
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fire
Size: 1KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imper
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wchar
Size: 512B - Virtual size: 325B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76f5c2024ca3cbd4ee3a867588d047e7

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.emnar Size: 512B - Virtual size: 126B

.fire Size: 1KB - Virtual size: 184KB

.data Size: 2KB - Virtual size: 1KB

.imper Size: 6KB - Virtual size: 5KB

.wchar Size: 512B - Virtual size: 325B

.wdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 141KB - Virtual size: 141KB

.text
Size: 22KB - Virtual size: 22KB

.emnar
Size: 512B - Virtual size: 126B

.fire
Size: 1KB - Virtual size: 184KB

.data
Size: 2KB - Virtual size: 1KB

.imper
Size: 6KB - Virtual size: 5KB

.wchar
Size: 512B - Virtual size: 325B

.wdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 141KB - Virtual size: 141KB