306f8d1087a854ebf11c0bc491b74792_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

306f8d1087a854ebf11c0bc491b74792_JaffaCakes118
Size

199KB
MD5

306f8d1087a854ebf11c0bc491b74792
SHA1

07b606c9db42c16dd5d7e7ee99d220b14a8d6d52
SHA256

a566e0b31a1aa1b8d13b3411a1675b7e4fafb3385a8c3845b1b25c24472423f4
SHA512

dad214b193faf330076d8646f1ba47a1dfd216c162e4a18722b0e5f2f1c9009b87d943c50d1b42b8fe19f8e8331cc5d876e0a467be062f49a9950a48588a6598
SSDEEP

3072:HiV+UVYZc11KP8LfREb9eXNzaHIdhHqeGFABib0w4DPJ9x7WqYTppJOf0Yhpzg:miyKPwfUEMRTAMGPJ9x7WqA/OfVg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
306f8d1087a854ebf11c0bc491b74792_JaffaCakes118

Files

306f8d1087a854ebf11c0bc491b74792_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ce33ea917a1aa81b98fa591484ef0756

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\DoVHnCBHlxgiFN\zfrpucbwXkf\UwcdrFq.pdb

Imports

gdi32

GetTextExtentExPointW
GetStockObject
RealizePalette
CreateSolidBrush
SetBitmapDimensionEx
SetROP2
LPtoDP
StartDocW
UnrealizeObject
DPtoLP
GetPaletteEntries
CreateCompatibleBitmap
SetBkMode
EndPath
GetTextMetricsW
CreateDIBSection
GetNearestColor
SetPixel

shlwapi

PathRemoveBlanksW
StrNCatA
StrToIntA

msvcrt

_controlfp
__set_app_type
__p__fmode
swscanf
__p__commode
mktime
_amsg_exit
_initterm
_acmdln
atoi
exit
_ismbblead
_XcptFilter
towupper
free
fwrite
_exit
strpbrk
_cexit
printf
__setusermatherr
__getmainargs
towlower
bsearch
fclose

user32

EqualRect
IsCharUpperA
AttachThreadInput
MoveWindow
GetKeyboardLayoutList
GetCursorPos
AppendMenuA
RegisterClassW
CheckMenuItem
SetWindowRgn
SwitchToThisWindow
ExitWindowsEx
CharLowerW
GetParent
GetScrollInfo
SetScrollInfo
DefDlgProcA
CheckRadioButton
GetUpdateRect
GetForegroundWindow
EnableWindow
CreateDialogParamA
CreateDialogIndirectParamW
SetWindowTextA
IsCharLowerA
SetCaretPos
ArrangeIconicWindows
DefFrameProcA
GetCaretPos
AdjustWindowRectEx
GetClassInfoA
CharUpperW
GetDlgItemInt
DrawTextA
GetMenuItemRect
CopyAcceleratorTableW
EnumThreadWindows
DialogBoxIndirectParamW
GetMenuItemCount
DestroyCursor
HideCaret
GetKeyboardLayoutNameW
GetPropW
DispatchMessageA

kernel32

EscapeCommFunction
lstrcpynW
GetFileTime
GetLocaleInfoW
GetProcessHeap
GetSystemDefaultUILanguage
GetSystemDirectoryA
EnumResourceTypesA
HeapAlloc
CompareStringW
SearchPathA
IsDBCSLeadByteEx
AreFileApisANSI
SetNamedPipeHandleState
GlobalFlags
HeapFree
GetModuleHandleW
OpenSemaphoreW
MulDiv
ReleaseMutex
GetCompressedFileSizeW
GlobalFindAtomW
GetTickCount
CreateDirectoryW

Exports

Exports

?IsFolderNew@@YGGD*Z
?SendCharExA@@YGGIH*Z
?DecrementWidthOriginal@@YGHPAKFPAHPAI*Z
?DeleteObject@@YGJHPAMPAHF*Z
?SendRect@@YGKPAEFGH*Z
?ShowConfig@@YGKKM*Z
?FindFunctionA@@YGHPAFIGE*Z
?DeleteConfigOriginal@@YGPAKIKDPAM*Z
?CallScreenNew@@YGXDDE*Z
?RemoveDateTimeW@@YGPAGIFK*Z
?FindObjectOriginal@@YGPAMKH*Z

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ditxt
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbug
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dimp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dvr
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dpt
Size: 1024B - Virtual size: 659B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dcode
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce33ea917a1aa81b98fa591484ef0756

Headers

File Characteristics

PDB Paths

Imports

gdi32

shlwapi

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 165KB - Virtual size: 164KB

.ditxt Size: 512B - Virtual size: 476B

.dbug Size: 512B - Virtual size: 28B

.dimp Size: 2KB - Virtual size: 2KB

.dbg Size: 512B - Virtual size: 66B

.dvr Size: 512B - Virtual size: 140B

.dpt Size: 1024B - Virtual size: 659B

.dcode Size: 12KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 142KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 165KB - Virtual size: 164KB

.ditxt
Size: 512B - Virtual size: 476B

.dbug
Size: 512B - Virtual size: 28B

.dimp
Size: 2KB - Virtual size: 2KB

.dbg
Size: 512B - Virtual size: 66B

.dvr
Size: 512B - Virtual size: 140B

.dpt
Size: 1024B - Virtual size: 659B

.dcode
Size: 12KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 142KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 2KB - Virtual size: 2KB