ff1e2e868513ff08d41f4a8d783f9903_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff1e2e868513ff08d41f4a8d783f9903_JaffaCakes118
Size

218KB
MD5

ff1e2e868513ff08d41f4a8d783f9903
SHA1

4f81a7834e62648313413aeb0fd021c07a381502
SHA256

4f0c148e8ebd99f31f604dab3f125e0edd125a881d562889797ad13a0d0ea0fd
SHA512

038117da4096c141b6f326118cf5bfbeb7663c5eb62842e07a1519055f163424734d8f21829e9e987888ed2e7c9ce5bcec7f3091ea0c11bd7cc243a0b8c44686
SSDEEP

3072:XPei+01mg78fJHmYx2OblNFKMTGyRQxu5fvTOmji9Ma5JwvqSp748TwG80fSv:/eiZ78fJHTZiMxRQQ5K0TasnXwRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff1e2e868513ff08d41f4a8d783f9903_JaffaCakes118

Files

ff1e2e868513ff08d41f4a8d783f9903_JaffaCakes118
.exe windows:5 windows x86 arch:x86

be04f168fc174838ec95374d921c52d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\dbpvyejfyUywv\MgsENwjism\pnotzhwaul\mhrTdebkGlyk\DmJWujhc.pdb

Imports

gdi32

SetStretchBltMode
TranslateCharsetInfo
SetBitmapDimensionEx
GetTextExtentExPointW
Rectangle
CreatePenIndirect
UnrealizeObject
GetROP2
CreateHalftonePalette
GetSystemPaletteEntries
Escape
ExtFloodFill
SetViewportOrgEx
GetTextMetricsA
EndDoc
DeleteObject
ResizePalette
GetPixel
SelectPalette
GetTextCharsetInfo
GetObjectW
ExtTextOutA
CreateFontIndirectW
OffsetViewportOrgEx
CreateDCW
RectVisible
GetBkMode
GetTextExtentPointW
EnumFontFamiliesExW
SelectObject
CreateRectRgn
CreateCompatibleBitmap
CreateHatchBrush
GetDIBits
SetRectRgn
CreateDIBSection
GetFontData
SetPixel
GetObjectA
CreateBitmap
RectInRegion
SetLayout
CreateFontIndirectA
GetCurrentObject
GetNearestColor
GetTextExtentPointA

msvcrt

wcscpy
strpbrk
_controlfp
__set_app_type
__p__fmode
perror
__p__commode
strchr
mbstowcs
_amsg_exit
strstr
wcscat
atoi
floor
wcslen
_initterm
towupper
strtol
wcscmp
_acmdln
exit
wcstok
_ismbblead
strcpy
_XcptFilter
sscanf
_exit
strcoll
isupper
mbtowc
_cexit
gmtime
remove
bsearch
atol
fgetc
mktime
wcsrchr
wcstol
swscanf
__setusermatherr
qsort
strtok
iswdigit
__getmainargs
iswxdigit

kernel32

SetThreadExecutionState
VirtualFree
GetVersionExW
EscapeCommFunction
VirtualAlloc
CopyFileA
GlobalAlloc
IsBadStringPtrW
lstrcmpiW
MapViewOfFile
GetDateFormatW
FlushViewOfFile
GetSystemDirectoryW
InitializeCriticalSection
AddAtomA
GetSystemDirectoryA
MulDiv
OpenEventW
GetCurrentProcessId
LCMapStringA
UnmapViewOfFile
OpenEventA
GetBinaryTypeW
SetHandleInformation
GlobalReAlloc
GetFileInformationByHandle
GetCPInfo
VerifyVersionInfoW
RegisterWaitForSingleObject
CreateEventW
RemoveDirectoryA
GlobalAddAtomW
ResetEvent
GetLastError
WaitForMultipleObjects
SetTimerQueueTimer
GlobalAddAtomA
GetCurrentProcess
OpenFileMappingW
SetCommMask
WriteConsoleInputA
DeleteFileA
HeapValidate
LoadLibraryExW
GetNumberFormatA
GetAtomNameA
GetCommConfig
GetExitCodeThread
CloseHandle
GetCurrentDirectoryW
SetErrorMode
TransactNamedPipe
FreeLibrary
GetThreadPriority

user32

CreateDialogIndirectParamW
LoadAcceleratorsW
SetTimer
ArrangeIconicWindows
UpdateWindow
UnionRect
SetParent
SystemParametersInfoW
GetSysColorBrush
SetMenuItemInfoW
DialogBoxParamW
GetMenuStringW
RegisterWindowMessageA
SetFocus
AppendMenuA
SetWindowPos
ChildWindowFromPointEx
GetClassInfoExA
IsIconic
ChangeMenuW
BeginDeferWindowPos
DrawEdge
LoadIconA
MessageBoxExW
EnumThreadWindows
CharLowerBuffW
CopyAcceleratorTableW
TranslateMessage
LoadImageA
FindWindowW
GetKeyState
CharPrevA
GetDlgCtrlID
CheckRadioButton
TranslateAcceleratorA
GetMenuItemRect
ClipCursor
SetDlgItemTextA
InsertMenuItemW
SetActiveWindow
DrawAnimatedRects
CreateCursor
RegisterClassA
SetDlgItemInt
RegisterClassExW
CopyImage
GetPropW
ShowWindow
FindWindowA
LoadImageW
wvsprintfW
CreateDialogParamA
LoadMenuW
TrackPopupMenu
GetParent
GetUpdateRect
SetLastErrorEx
PostMessageW
DialogBoxIndirectParamW
EndPaint
SendInput
GetIconInfo
DrawIcon
GetKeyboardLayoutList
MapDialogRect
GetClassInfoExW
GetClassLongA
EnableScrollBar
CreatePopupMenu
DispatchMessageW
MoveWindow
InSendMessage
EndDialog
AdjustWindowRectEx
GetMonitorInfoW
GetTopWindow
BeginPaint
KillTimer
GetLastActivePopup
SwitchToThisWindow
CharNextA
MonitorFromPoint
GetMenuItemInfoW
MessageBoxA
GetNextDlgGroupItem
InvertRect
DrawTextExW
LookupIconIdFromDirectory
DestroyCursor
IsWindow
GetKeyboardLayoutNameW
InSendMessageEx
DialogBoxParamA
IsRectEmpty
ReplyMessage
DialogBoxIndirectParamA
BringWindowToTop
CharUpperW
RemovePropW
ClientToScreen
InvalidateRect
GetActiveWindow
EnumWindows
EnableWindow
ShowWindowAsync
DrawTextW
DestroyWindow
SetRect
OffsetRect
ShowOwnedPopups

Exports

Exports

?DecrementDateOld@@YGPAIFPAD~U
?AddSemaphoreExW@@YGEPAMF~U
?CopyStringEx@@YGPAGH~U
?InvalidateKeyboardOriginal@@YGPAXMM~U
?FormatMonitorOriginal@@YGXPAINPANPAM~U
?SendValueEx@@YGPAKPAEPAM~U
?RtlSectionEx@@YGPAGF~U
?PutDeviceA@@YGPAHF~U
?IncrementHeightOriginal@@YGPAKI_N~U
?LoadFilePathExA@@YGNPANE~U
?SetFilePathEx@@YGEIPAN~U
?CancelDialogOld@@YGGPAMKPAH~U
?RtlMonitorA@@YGXPAIPAMGPAH~U
?IsNotHeightExW@@YGXFDD~U
?GetClassEx@@YGPA_NPAN~U
?PointerOld@@YGXGM~U
?OnState@@YGPAFH~U
?AddDialogOriginal@@YGKMPAM~U
?AddValueW@@YGKD_NF~U
?GetWindowInfoW@@YGXE~U
?ModifyPenA@@YGPAHPADDDPAD~U
?InsertMutantNew@@YGPAKMK~U
?EventEx@@YGFI~U
?FreeAppNameExA@@YGMJI_N~U
?CloseDateOriginal@@YGXPAEE~U
?FreeWindowA@@YGXIK~U
?RtlList@@YGIE~U
?IsNotExpressionExW@@YGPAKFN~U
?DeleteTimerOriginal@@YGPAKPAKJKH~U
?ShowMutantA@@YGXPAEPAFPAKD~U
?ModifyStateW@@YGPAMI~U
?PutTextExW@@YGPAXG~U
?SetWindowInfo@@YGPAEPAEGE~U

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tbl_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbl_e
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bitdat2
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat0
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bitdat1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vptr4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 902B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be04f168fc174838ec95374d921c52d9

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 193KB - Virtual size: 192KB

.tbl_i Size: 1KB - Virtual size: 1KB

.tbl_e Size: 1KB - Virtual size: 1KB

.bitdat2 Size: 5KB - Virtual size: 5KB

.bitdat0 Size: 512B - Virtual size: 32B

.bitdat1 Size: 512B - Virtual size: 44B

.vptr4 Size: 512B - Virtual size: 32B

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 902B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 193KB - Virtual size: 192KB

.tbl_i
Size: 1KB - Virtual size: 1KB

.tbl_e
Size: 1KB - Virtual size: 1KB

.bitdat2
Size: 5KB - Virtual size: 5KB

.bitdat0
Size: 512B - Virtual size: 32B

.bitdat1
Size: 512B - Virtual size: 44B

.vptr4
Size: 512B - Virtual size: 32B

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 902B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB