ff8d0d75ea2456053b2341840c053678_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff8d0d75ea2456053b2341840c053678_JaffaCakes118
Size

147KB
MD5

ff8d0d75ea2456053b2341840c053678
SHA1

d5e291ae8c7d7817a7fba1d71f08fb57df73eebe
SHA256

326e51414a295921f1a43a5dc15d7acc69b92a72e48b368210d5436cd769e8ee
SHA512

a5bebb71d5b812034e3c1bbdd53e37c41b9dbc1fe73c14725a951ec5259dc843caa29e75049902d7ced97c703270c2ed51809fe9c6b8160490b783c0d225073b
SSDEEP

3072:Aj0pguFqpYwQ0r8qTntA67gTFFfzyXF1zi4zogfDlDwPrbJrrkPBD0d:AQpCY+r8qT267gZZuVBzzo0CprIPl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff8d0d75ea2456053b2341840c053678_JaffaCakes118

Files

ff8d0d75ea2456053b2341840c053678_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da467c7e01ab7659f5b62f8d4e39f8b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\wgKiAqSRghzet\CqffPhvtrishd\hbZrrisv\oegNSdsoswz.pdb

Imports

comdlg32

ChooseColorW
GetSaveFileNameW
ReplaceTextW
PageSetupDlgW
GetSaveFileNameA

comctl32

PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
CreateStatusWindowW
ImageList_LoadImageW
CreatePropertySheetPageA

msvcrt

putchar
malloc
_controlfp
strcpy
ftell
strstr
wcscpy
setlocale
__set_app_type
strncpy
iswdigit
strspn
clock
memset
__p__fmode
__p__commode
_amsg_exit
isprint
isspace
gets
wcsrchr
free
sscanf
ungetc
strtoul
_initterm
wcscmp
_ismbblead
fflush
isupper
_XcptFilter
strchr
_exit
strerror
iswspace
strpbrk
_cexit
exit
swscanf
__setusermatherr
fprintf
strcspn
qsort
towlower
perror
__getmainargs
fclose
vsprintf

user32

CreateWindowExA
CreateAcceleratorTableW
MessageBoxExA
GetWindow
DeleteMenu
GetUserObjectInformationA
ShowOwnedPopups
CreateDialogIndirectParamW
GetMessageA
SetWindowLongA
UpdateWindow
RegisterClassW
IsDialogMessageA
DialogBoxParamW
CheckRadioButton
GetLastActivePopup
HideCaret
GetSysColor
DefFrameProcA
IsDialogMessageW
GetMessageExtraInfo
CreateWindowExW
MessageBoxA
SetCursorPos
DefWindowProcA
CharLowerW
GetNextDlgGroupItem
GetMenuCheckMarkDimensions
GetSysColorBrush
GetKeyboardLayoutList
InSendMessageEx
IsZoomed
LoadBitmapW
DrawTextW
OpenIcon
GetDlgItemTextA
BringWindowToTop
FrameRect
InvalidateRect
DestroyMenu
EndDialog
DestroyWindow
GetMonitorInfoW
ScrollWindow
IsIconic
MessageBoxW
GetWindowLongA
SetUserObjectInformationW
DestroyIcon
IsCharAlphaA
LoadMenuA
IntersectRect
CharLowerBuffW
IsMenu
ShowCaret
SetDlgItemInt
SwitchToThisWindow
keybd_event
InternalGetWindowText
ScrollWindowEx
CallWindowProcA
TranslateMessage
DialogBoxIndirectParamW
InvalidateRgn
SetPropW
CreateIconIndirect
GetWindowDC
CheckDlgButton
ChangeMenuW
GetKeyNameTextW
SetWindowPos
ActivateKeyboardLayout
EnumWindows
MessageBoxExW
DefDlgProcW
InSendMessage
LoadImageW
SystemParametersInfoA
SetRect
CreateCaret
GetMenuStringA
LoadStringW
SendMessageW
DrawAnimatedRects
GetCaretPos
OffsetRect
SendDlgItemMessageA
IsWindow
IsWindowVisible
CharToOemBuffA
SetFocus
GetKeyboardLayoutNameW
GetScrollInfo
MapDialogRect
ChildWindowFromPointEx
BeginDeferWindowPos
LoadIconW
GetMessagePos
RegisterWindowMessageW
FillRect
FindWindowW
DialogBoxIndirectParamA
GetClassInfoA
SendMessageA
FindWindowExW
RegisterWindowMessageA
FindWindowA
IsRectEmpty
CreateDialogParamW
LoadAcceleratorsA
SendMessageTimeoutA
PostThreadMessageW
MapVirtualKeyExW
GetDC
CharNextA
ShowCursor
EnumChildWindows
GetUpdateRect
PostThreadMessageA

shlwapi

PathIsUNCW

kernel32

HeapReAlloc
TerminateThread
FindClose
GlobalUnlock
SetFilePointer
GlobalGetAtomNameW
GetModuleHandleA
GetTempPathA
SystemTimeToFileTime
FindResourceW
GlobalReAlloc
CancelWaitableTimer
GetLongPathNameW
CreatePipe
FileTimeToDosDateTime
GlobalMemoryStatusEx
GetStartupInfoW
GlobalFindAtomW
ReadFile
GetCommandLineW
LockFile
lstrcpyW
VerifyVersionInfoW
OpenEventA
MulDiv
GetFileAttributesW
GetCommandLineA
CreateRemoteThread
TransactNamedPipe
EnumResourceLanguagesA
lstrcmpA
SuspendThread
GetModuleFileNameA
SetupComm
GetComputerNameExA
LocalAlloc
SearchPathA
TlsSetValue
SetLastError
GetCurrentDirectoryW
CopyFileW
UnmapViewOfFile
SetCommBreak
GetVersionExA
DeleteAtom
CreateMailslotW
WaitForSingleObject
LocalLock
EnumResourceNamesW
ClearCommError
CreateEventA
RemoveDirectoryA

Exports

Exports

?CalculateStringCapacity@@YGKDDPAX:O

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dati
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.date
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.char
Size: 1024B - Virtual size: 727B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.align
Size: - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da467c7e01ab7659f5b62f8d4e39f8b5

Headers

File Characteristics

PDB Paths

Imports

comdlg32

comctl32

msvcrt

user32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.dati Size: 6KB - Virtual size: 5KB

.date Size: 512B - Virtual size: 99B

.char Size: 1024B - Virtual size: 727B

.odata Size: 13KB - Virtual size: 13KB

.data Size: 3KB - Virtual size: 2KB

.align Size: - Virtual size: 123KB

.rsrc Size: 111KB - Virtual size: 110KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.dati
Size: 6KB - Virtual size: 5KB

.date
Size: 512B - Virtual size: 99B

.char
Size: 1024B - Virtual size: 727B

.odata
Size: 13KB - Virtual size: 13KB

.data
Size: 3KB - Virtual size: 2KB

.align
Size: - Virtual size: 123KB

.rsrc
Size: 111KB - Virtual size: 110KB

.reloc
Size: 2KB - Virtual size: 1KB