5497528f39d0df6472839064a447425c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5497528f39d0df6472839064a447425c_JaffaCakes118
Size

141KB
MD5

5497528f39d0df6472839064a447425c
SHA1

69a280aecf515f3d9de51f89c951255669c8326c
SHA256

c3e2aeb57c9212a478dc0fab18c8d9871e5531a359519b42bb2c0f2d09fedd2b
SHA512

cb1bc4f8590287830032d4bdd9ea4cded413b64c2d5777e7e226c9b242c3d27247ddba89d1a84252b209d7d40b7ec56238612768278a82b615704f3ebe3290cb
SSDEEP

3072:6iG3wByvobguoEbsz7Go2NHBGoA8nyT54fnXvP1b7hOYUW:9GTkkHyN0oLnyTuXvP1hh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5497528f39d0df6472839064a447425c_JaffaCakes118

Files

5497528f39d0df6472839064a447425c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6528943bee1de7c4820873cc726b943b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\gDvcwOcVdmYkb\nMHjGnEONZ\dzoErtB\yCZncptCjBab.pdb

Imports

msvcrt

wcstombs
wcstok
strcpy
strstr
fprintf
atoi
swscanf
_controlfp
fgets
isxdigit
__set_app_type
__p__fmode
swprintf
fputc
isalpha
__p__commode
_amsg_exit
wcslen
_initterm
wcsncmp
sscanf
_ismbblead
islower
towlower
_XcptFilter
_exit
sprintf
wcsrchr
wcsncpy
wcstoul
fseek
iswctype
_cexit
fclose
strspn
strcspn
iswxdigit
floor
iswalpha
isdigit
setvbuf
fflush
__setusermatherr
strrchr
__getmainargs
iswprint
system

kernel32

GetOEMCP
GetCurrentThreadId
WriteFile
GetModuleFileNameA
CompareStringA
GetWindowsDirectoryW
LocalFree
WaitForMultipleObjectsEx
SetPriorityClass
IsBadCodePtr
GlobalGetAtomNameW
GetACP
GetShortPathNameA
GetSystemDefaultLangID
lstrcpynW
GetComputerNameA
ReleaseSemaphore
WaitForSingleObjectEx
lstrcmpiA
SetCommBreak
TlsGetValue
CreateMailslotW
IsBadStringPtrW
GetCommModemStatus
GetVersionExW
SetThreadLocale
SetFileApisToOEM
CreateDirectoryA
IsBadReadPtr
GetLocaleInfoW
GlobalFlags
lstrlenW
WaitCommEvent
CreateEventW
GetCommProperties
SleepEx
GetProcAddress
GlobalSize
GetModuleHandleA
GetThreadTimes
ClearCommError
lstrcmpA
HeapLock
CreateMutexA
GetSystemDirectoryW
DisconnectNamedPipe
WinExec
RaiseException
GetTempFileNameA
GetFileAttributesA
lstrlenA
SetFileAttributesA
RemoveDirectoryW

user32

SetSysColors
ScreenToClient
BeginDeferWindowPos
mouse_event
DrawTextA
RegisterWindowMessageW
CheckMenuItem
SendInput
GetClipCursor
CloseDesktop
ClipCursor
SetWindowRgn
CharToOemW
MessageBoxExW
GetDlgCtrlID
GetAsyncKeyState
IsDialogMessageW
EnableMenuItem
DrawIcon
GetWindow
wvsprintfA
IsMenu
MonitorFromRect
IsCharAlphaA
GetLastActivePopup
CheckMenuRadioItem
RegisterClassA
RegisterHotKey
IsWindowEnabled
CreateIconFromResource
GetWindowTextW
InsertMenuW
ShowCaret
ClientToScreen
SetWindowPlacement
GetSysColorBrush
EndPaint
SetPropW
GetPropW
LoadCursorW
CreateCaret
GetMenuItemInfoW
VkKeyScanA
AttachThreadInput
EnableScrollBar
GetSystemMetrics
DestroyCursor
AppendMenuA
SendDlgItemMessageA
GetMessagePos
InternalGetWindowText
GetWindowTextA
SwitchToThisWindow
DrawStateA
PostThreadMessageA
MessageBoxW
CreateMenu
WindowFromPoint
SetWindowTextW
InSendMessageEx
SetCursor
GetClientRect
DrawEdge
ReplyMessage
WaitForInputIdle
AdjustWindowRectEx
ScrollWindow
DestroyIcon
CharPrevA
DefFrameProcA
SetScrollRange
CharToOemA
IsWindow
CallWindowProcA
DefFrameProcW
DrawTextExW
DragObject
SetLastErrorEx
GetKeyState
SetMenuDefaultItem
GetScrollRange
RegisterWindowMessageA
GetMenu
FillRect
UpdateWindow
WaitMessage
CharPrevW
CreateDialogParamW
GetScrollPos
DialogBoxIndirectParamA
InflateRect
TileWindows
ShowWindowAsync
GetForegroundWindow
SetDlgItemTextA
IsCharUpperA
GetKeyboardLayout
SystemParametersInfoA
SetMenuItemInfoW
ScrollWindowEx
CreateWindowExA
GetWindowPlacement
GetDlgItemTextA
IsIconic
GetDlgItemTextW
ArrangeIconicWindows
DestroyCaret
CharUpperA
OemToCharA
CharLowerA
CheckRadioButton
ChildWindowFromPointEx
AppendMenuW
ActivateKeyboardLayout
GetMessageExtraInfo
LookupIconIdFromDirectory
SetWindowLongA
DestroyMenu
FindWindowA

comdlg32

ReplaceTextW
GetSaveFileNameW
ChooseFontW
ChooseColorW
GetOpenFileNameA

comctl32

ImageList_GetIconSize
PropertySheetW
ImageList_LoadImageW
ImageList_GetImageCount
CreateStatusWindowW
ImageList_Destroy

Exports

Exports

?RegenerateMainValues@@YGKPBDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.emnar
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fire
Size: 1KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imper
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wchar
Size: 1024B - Virtual size: 645B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6528943bee1de7c4820873cc726b943b

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

comdlg32

comctl32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.emnar Size: 512B - Virtual size: 126B

.fire Size: 1KB - Virtual size: 123KB

.data Size: 2KB - Virtual size: 1KB

.imper Size: 6KB - Virtual size: 5KB

.wchar Size: 1024B - Virtual size: 645B

.wdata Size: 1024B - Virtual size: 704B

.rsrc Size: 105KB - Virtual size: 105KB

.text
Size: 22KB - Virtual size: 22KB

.emnar
Size: 512B - Virtual size: 126B

.fire
Size: 1KB - Virtual size: 123KB

.data
Size: 2KB - Virtual size: 1KB

.imper
Size: 6KB - Virtual size: 5KB

.wchar
Size: 1024B - Virtual size: 645B

.wdata
Size: 1024B - Virtual size: 704B

.rsrc
Size: 105KB - Virtual size: 105KB