2943b9e2ff0bd2a0d30b327681380b8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2943b9e2ff0bd2a0d30b327681380b8e_JaffaCakes118
Size

184KB
MD5

2943b9e2ff0bd2a0d30b327681380b8e
SHA1

c0ee0148f109a92df59b1791906b4b6a09c344d2
SHA256

75adf49bbc1db24567241bc824882c86083f89b6efb7d0ea634165734e4e9d76
SHA512

be5b9d45c22642115fb2732731562c4e49952495bbbaf9253e6c81940c7fdd67e7e36240c730e969e206ab0bcde2ffc0fea7eefb83f4e13f6abbd6f39784b8c2
SSDEEP

3072:XwmKnHPkJrvDRMXQJ9ey2OJaS4Iw79LTkZtiDdByxRhjqKbJWA:AmKvyj79JatIwdkZtcByNjqI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2943b9e2ff0bd2a0d30b327681380b8e_JaffaCakes118

Files

2943b9e2ff0bd2a0d30b327681380b8e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2d5fd00e55700ef683aa43278d511bec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\ekrxevol\zWruZiFDuxhjw\hzUsPJai\jhwsHuKHjcbxo\ytTxnSmafb.pdb

Imports

msvcrt

wcscat
iswspace
vsprintf
free
_controlfp
getc
bsearch
memset
localtime
setvbuf
malloc
iswxdigit
__set_app_type
mktime
strcspn
__p__fmode
__p__commode
wcstok
strstr
_amsg_exit
_initterm
isdigit
realloc
toupper
fread
_ismbblead
atol
wcscmp
strpbrk
_XcptFilter
_exit
fseek
fgets
qsort
iswdigit
perror
wcstoul
wcsrchr
_cexit
calloc
wcstombs
floor
iswctype
strtok
wcscspn
__setusermatherr
__getmainargs
putchar
isalpha

shlwapi

PathIsUNCA

kernel32

FreeResource
SetEvent
ExitThread
GetUserDefaultLangID
SetFileApisToOEM
GetAtomNameW
GetCommandLineW
IsBadReadPtr
FindNextFileW
SetFileTime
FindResourceExA
SetHandleCount
GetSystemTimeAdjustment
ConnectNamedPipe
TlsSetValue
LoadLibraryExA
MoveFileW
EnterCriticalSection
GetSystemTimeAsFileTime
SetErrorMode
lstrcatA
GetFileAttributesW
SetCommState
SetLocalTime
lstrcmpiA
FlushViewOfFile
EnumResourceLanguagesA
WaitForMultipleObjectsEx
EnumResourceNamesA
GlobalGetAtomNameA
SleepEx
SetSystemTime
GetTempFileNameW
GetStdHandle
GetFileType
LocalAlloc
SetMailslotInfo
MapViewOfFile
WaitForSingleObjectEx
lstrcpyA
GetComputerNameExW
GetTempFileNameA
HeapCreate
GetAtomNameA
SetFileAttributesA
GetSystemDirectoryA
FindResourceExW
AddAtomA
GetWindowsDirectoryA
GetCommTimeouts
LocalFree
HeapUnlock
FormatMessageA
LoadLibraryA
GetCurrentThreadId

user32

GetActiveWindow
IsIconic
DestroyAcceleratorTable
LoadImageW
GetScrollRange
RemoveMenu
GetMenuStringA
GetNextDlgTabItem
DestroyWindow
CreatePopupMenu
WaitMessage
MapVirtualKeyW
SetSysColors
LockWindowUpdate
SetDlgItemTextA
GetKeyNameTextW
GetWindowRect
SetFocus
OffsetRect
UpdateWindow
wsprintfW
GetClassInfoA
FindWindowW
DialogBoxParamW
HideCaret
SetMenuItemInfoW
LoadAcceleratorsA
CopyAcceleratorTableW
DefWindowProcA
CharUpperBuffA
GetPropW
PeekMessageA
DefDlgProcW
CharUpperA
GetUserObjectInformationA
SetCursor
GetLastActivePopup
LoadBitmapA
GetMessagePos
CharNextW
GetClassInfoExA
DrawIconEx
DrawEdge
SendMessageW
DrawFrameControl
RegisterClassW
InSendMessageEx
EndPaint
RegisterHotKey
MonitorFromRect
GetDlgItem
BeginDeferWindowPos
InsertMenuA
TranslateMessage
InflateRect
GetCursorPos
MessageBoxExA
IsCharLowerA
LoadIconA
EnableMenuItem
DrawFocusRect
IsCharUpperA
keybd_event
DrawTextExW
LoadBitmapW
CheckRadioButton
GetMessageW
DrawIcon
GetClientRect
DispatchMessageA
GetKeyboardLayout
SwitchToThisWindow
BeginPaint
LoadStringA
CloseDesktop
GetDC
GetWindowTextA
GetMenuItemInfoW
TrackPopupMenuEx
DrawAnimatedRects
TranslateAcceleratorW
DrawTextW
GetKeyState
GetDlgItemInt
WindowFromPoint
SendInput
VkKeyScanW
wvsprintfW
EqualRect
GetSystemMenu
GetClassInfoW
CreateCursor
SetRect
GetWindowPlacement
SetMenuDefaultItem
EnumThreadWindows
CreateDialogParamA
SendMessageTimeoutW
PostMessageA
CheckMenuRadioItem
MessageBoxW
DestroyMenu
SendMessageTimeoutA
MessageBoxA
DialogBoxIndirectParamA
SetCaretPos
GetMenuItemID
SetWindowTextA
IsCharAlphaW
GetDlgCtrlID
ShowOwnedPopups
GetMessageExtraInfo
SendMessageA
FindWindowA
SendDlgItemMessageW
SetWindowLongW
GetWindowLongW
WaitForInputIdle
EnableScrollBar
LoadCursorW
GetCaretPos
CharNextExA

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erts
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wall
Size: 1024B - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d5fd00e55700ef683aa43278d511bec

Headers

File Characteristics

PDB Paths

Imports

msvcrt

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.init Size: 6KB - Virtual size: 5KB

.erts Size: 512B - Virtual size: 88B

.wall Size: 1024B - Virtual size: 183KB

.info Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 2KB

.udata Size: 42KB - Virtual size: 41KB

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.init
Size: 6KB - Virtual size: 5KB

.erts
Size: 512B - Virtual size: 88B

.wall
Size: 1024B - Virtual size: 183KB

.info
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 2KB

.udata
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 2KB - Virtual size: 1KB