003ae2ec3e72f1239a2750216f60827d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

003ae2ec3e72f1239a2750216f60827d_JaffaCakes118
Size

118KB
MD5

003ae2ec3e72f1239a2750216f60827d
SHA1

fd8f5e0a1ed1d78b30b33e52d89661b6faeebc29
SHA256

84915dcff5d8cb78402952c4a1a13ef5638a6560f0152c14813ddc1190375898
SHA512

919b76f812a40d69f1b1d53c076769e1a97ca15a17c41684eada19ecd83bb5545d861f9eab75bf93594968f556ea6395290113c91f82e080c8f75d4690cfc32b
SSDEEP

3072:FvPE1bl81P9SCTLynFlX9kib2AWcSs8W8iAPsyU:NPE1biP9SCTenTNkfAvSsOiAPsy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
003ae2ec3e72f1239a2750216f60827d_JaffaCakes118

Files

003ae2ec3e72f1239a2750216f60827d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

88113183ef3f4bac4a92d14b9c8e08df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\AvwpyhautA\GymvlVNnaBwwv\qtOQSFuru\xGVnklgwbHcUAg\abdkGnnXVvAcX.pdb

Imports

user32

GetMenuItemInfoW
PostMessageW
SystemParametersInfoA
IsZoomed
IsIconic
DefWindowProcA
IsCharAlphaNumericW
FindWindowExW
CreateDialogParamW
OffsetRect
EnableWindow
IsDialogMessageW
GetMenu
DefDlgProcW
RemovePropW
MessageBoxW
DestroyMenu
CharLowerW
BeginDeferWindowPos
CreateWindowExW
CallWindowProcW
GetMessageA
GetWindowDC
GetWindow
IsCharUpperA
CharToOemA
DestroyWindow
OemToCharA
GetMenuItemCount
DestroyAcceleratorTable
CharPrevW
SendDlgItemMessageW
EnableScrollBar
GetSystemMenu
MessageBoxExW
GetMessageTime
LoadCursorA
OpenIcon
PostMessageA
ShowWindow
MapVirtualKeyExW
ScrollWindow
HideCaret
LookupIconIdFromDirectory
GetScrollInfo
TabbedTextOutW
ClientToScreen
SetMenuItemInfoW
IntersectRect
ReplyMessage
GetClientRect
SetDlgItemTextW
LoadMenuA
SetWindowPos
BeginPaint
IsChild
CharNextW
DrawIcon
wsprintfW
InvertRect
ChildWindowFromPointEx
GetKeyboardLayoutList
MapDialogRect
SetLastErrorEx
ChangeMenuW
IsWindowUnicode
SetWindowRgn
SetMenuItemBitmaps
DrawStateW
PostThreadMessageW
LoadMenuW
DrawStateA
GetClassLongW
SetWindowLongW
GetClassInfoExW
GetDlgCtrlID
RegisterWindowMessageW
GetMenuState
RegisterWindowMessageA
PostThreadMessageA
GetClassInfoW
RemoveMenu
LoadIconA
ArrangeIconicWindows
CharUpperBuffA

msvcrt

wcsncmp
_controlfp
putc
__set_app_type
realloc
__p__fmode
__p__commode
strcspn
_amsg_exit
_initterm
fputc
isspace
_acmdln
exit
calloc
wcspbrk
_ismbblead
_XcptFilter
getc
wcsstr
floor
wcscmp
malloc
vswprintf
wcslen
isxdigit
rand
wcscpy
sprintf
_exit
_cexit
setlocale
wcsncpy
__setusermatherr
swscanf
ftell
vsprintf
strlen
fseek
__getmainargs

gdi32

RoundRect
GetROP2
GetObjectW
GetTextExtentPoint32W
Escape
EndPage
SetBrushOrgEx
GetLayout
EndDoc
LPtoDP
SetPaletteEntries
MoveToEx
SetBkColor
GetTextExtentPointA
SelectClipRgn
EnumFontFamiliesW
TextOutW
TranslateCharsetInfo
CreateICW
CreatePen
GetPaletteEntries
GetObjectA
WidenPath
CreatePolygonRgn
CreateFontA
GetTextExtentPoint32A
GetTextMetricsW
SetDIBColorTable
CreateDIBitmap
GetViewportOrgEx
CreatePenIndirect
OffsetViewportOrgEx
SetDIBitsToDevice
CreatePatternBrush
LineDDA
FlattenPath
GetCurrentObject

kernel32

OpenFile
GetLocalTime
CreateWaitableTimerW
SearchPathW
TlsGetValue
SetHandleInformation
CreateSemaphoreW
CreateThread
GetThreadLocale
CreateEventA
GetVersion
SetNamedPipeHandleState
GetBinaryTypeA
CreateSemaphoreA
DeleteFileA
FindResourceExW
OpenSemaphoreW
FileTimeToDosDateTime
lstrlenW
OpenMutexW
SetPriorityClass
ClearCommBreak
CompareStringA
SetFileAttributesW
GetTempFileNameW
VirtualFree
LCMapStringA
ExitThread
MoveFileW
GetWindowsDirectoryW
UnmapViewOfFile
LoadLibraryW
GetFullPathNameW
FindNextFileA
GetModuleHandleW
GlobalFree
SizeofResource
SetupComm
DuplicateHandle
HeapUnlock
HeapValidate
MulDiv

shlwapi

PathAddExtensionA

comctl32

ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Remove
CreateStatusWindowW
CreatePropertySheetPageW

Exports

Exports

?ResolveLocaleJIUDFjfjdlkf@@YGKPA_WK@Z
?TlsGetJHDFjfkdj@@YGKPA_WK@Z

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88113183ef3f4bac4a92d14b9c8e08df

Headers

File Characteristics

PDB Paths

Imports

user32

msvcrt

gdi32

kernel32

shlwapi

comctl32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 89KB

.icode Size: 13KB - Virtual size: 13KB

.data Size: 7KB - Virtual size: 39KB

.rdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1024B - Virtual size: 788B

.text
Size: 90KB - Virtual size: 89KB

.icode
Size: 13KB - Virtual size: 13KB

.data
Size: 7KB - Virtual size: 39KB

.rdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1024B - Virtual size: 788B