ff988be30c04a57c8f55fc2cd0c56699_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff988be30c04a57c8f55fc2cd0c56699_JaffaCakes118
Size

70KB
MD5

ff988be30c04a57c8f55fc2cd0c56699
SHA1

bdf5ff3efa23cd9260a5945175f38ee6e076ddd7
SHA256

8664eaee12c436f8454ea47a047bbb794d837adf431f6e5519543b799427e882
SHA512

85d44c4e8985dd2c1ea2ea81fa1c63d6b5f5e445b13e90710a29fae080cc0d7eff3cabb9aedc48c495cf4081ee9818dc29668ea28f78c9f6b32b914636b14003
SSDEEP

1536:dWkSLNGFg4fOH4foNvI8dNFAcP522YU2MMDvJdCtzJ:RSLNGFzOYfMXtB2bbdds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff988be30c04a57c8f55fc2cd0c56699_JaffaCakes118

Files

ff988be30c04a57c8f55fc2cd0c56699_JaffaCakes118
.exe windows:5 windows x86 arch:x86

44a7be87cc790910e3496f38e4b31a4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\reaClqyfPWbG\tuyherceu\qvnAubGc\queAwswnooul\smiUvKpx.pdb

Imports

comdlg32

CommDlgExtendedError
FindTextW
GetSaveFileNameW

shlwapi

StrNCatA

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create

kernel32

SetFileApisToOEM
GetThreadPriority
SetHandleInformation
ClearCommError
VirtualFree
GetFullPathNameW
LocalAlloc
CloseHandle
FindCloseChangeNotification
FindResourceExA
RemoveDirectoryW
GetCurrentThread
GetFileInformationByHandle
FoldStringW
TerminateThread
lstrcmpiA
TryEnterCriticalSection
FindResourceA
OpenFileMappingW
GetThreadLocale

gdi32

GetLayout
GetTextColor
GetRgnBox
GetBkMode
GetSystemPaletteEntries
GetPixel
GetTextExtentPointA
CreateBitmap
ScaleWindowExtEx
GetNearestColor
RoundRect
GetViewportOrgEx
CreateEllipticRgnIndirect
DeleteObject
TranslateCharsetInfo
SetTextColor
SetTextAlign

msvcrt

wcscoll
puts
_controlfp
strerror
wcstoul
free
printf
__set_app_type
gets
iswprint
__p__fmode
__p__commode
strspn
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
strstr
islower
_exit
_cexit
__setusermatherr
strpbrk
__getmainargs
tolower

user32

BringWindowToTop
LoadImageW
ShowOwnedPopups
DestroyCaret
DefWindowProcA
GetMenuState
BeginDeferWindowPos
DrawIcon
IsChild
CharLowerA
ScrollWindowEx
LoadMenuA
DrawIconEx
ArrangeIconicWindows
SetWindowLongA
GetScrollRange
CopyAcceleratorTableW
GetMessageW
AdjustWindowRect
MessageBoxExA
wsprintfW
GetKeyState
IsIconic
GetDoubleClickTime
DrawTextA
DrawTextExW
SendMessageW
GetClientRect
CheckDlgButton
CallWindowProcW
GetKeyboardLayout
OemToCharBuffA
RemovePropW
AppendMenuW
GetWindowDC
SetCursor
CharToOemW
GetWindowRect
GetMenu
EndPaint
CreateAcceleratorTableW
LoadStringA
CascadeWindows
PostThreadMessageA

Exports

Exports

?KillListExW@@YGPAFPAKI*Z
?CallStateEx@@YGPAIKDD*Z
?FreeAnchorW@@YGPAXPAIPAJH*Z
?IsValidPenA@@YGGPAHHJ*Z
?ValidateProcessOld@@YGPANG_N*Z
?LoadFileExW@@YGKEM*Z
?GetMediaTypeOld@@YGHDKK*Z
?DeleteNameExA@@YGEPAMI*Z
?EnumPenW@@YGPAXM*Z
?AnchorNew@@YGJPADFKPAF*Z
?LoadAnchorEx@@YGGE*Z
?GlobalFolderPath@@YGMKPAE*Z
?SendAppNameNew@@YGPAXPAI*Z
?CrtKeyNameOld@@YGGI*Z
?OnDialogExW@@YGI_NF*Z
?ModifyMemoryEx@@YGFPAN*Z
?SetFullNameW@@YGPAXGH*Z
?GenerateProcessExW@@YGJD*Z
?AddObjectOld@@YGF_NH*Z
?GetFunction@@YGPAXMHH*Z

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idir
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edir
Size: 1024B - Virtual size: 859B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdir
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdir
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44a7be87cc790910e3496f38e4b31a4c

Headers

File Characteristics

PDB Paths

Imports

comdlg32

shlwapi

comctl32

kernel32

gdi32

msvcrt

user32

Exports

Exports

Sections

.text Size: 39KB - Virtual size: 38KB

.itext Size: 512B - Virtual size: 492B

.idir Size: 3KB - Virtual size: 2KB

.edir Size: 1024B - Virtual size: 859B

.vdir Size: 512B - Virtual size: 140B

.data Size: 2KB - Virtual size: 21KB

.pdir Size: 512B - Virtual size: 140B

.sdir Size: 13KB - Virtual size: 13KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 39KB - Virtual size: 38KB

.itext
Size: 512B - Virtual size: 492B

.idir
Size: 3KB - Virtual size: 2KB

.edir
Size: 1024B - Virtual size: 859B

.vdir
Size: 512B - Virtual size: 140B

.data
Size: 2KB - Virtual size: 21KB

.pdir
Size: 512B - Virtual size: 140B

.sdir
Size: 13KB - Virtual size: 13KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB