552e09b930f765ed83db3f0735c47694_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

552e09b930f765ed83db3f0735c47694_JaffaCakes118
Size

152KB
MD5

552e09b930f765ed83db3f0735c47694
SHA1

2418f0efab47ac259e7da31d3a627fcd35c2b11b
SHA256

cbe4005cd9cb868a81cb8ef0953dc254452fa9473c04bfb411bcad68b3a1d7a8
SHA512

ad0e44415be7db022b13ff388af22d8fd7bbe3b2ce137d7ae7b31d0bdf3fcf60542733f27478ae52ce0b063e0694c42711f036ba5c03c951ca3bbae37b4f8b79
SSDEEP

3072:4qwl2oKpJspYwQu2zOzJby6UVblb2x02hxuFLqlT6xqWI4FSzrxvP4tAaM:4qm2oK2YX6VPUVblbiN8xDIMSPCK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
552e09b930f765ed83db3f0735c47694_JaffaCakes118

Files

552e09b930f765ed83db3f0735c47694_JaffaCakes118
.dll windows:5 windows x86 arch:x86

374c7ebf026b60461d74c9808033930b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\peAsxAVu\JgwOqXoKfHGa\kqippPxvl.pdb

Imports

shlwapi

PathIsUNCW

kernel32

FileTimeToLocalFileTime
QueryPerformanceCounter
IsBadStringPtrW
GetAtomNameA
SetLastError
GetCommConfig
IsValidLocale
SetWaitableTimer
CloseHandle
GlobalMemoryStatusEx
VirtualFree
GlobalGetAtomNameA
FreeLibrary
IsBadWritePtr
CreateNamedPipeA
GetCurrentDirectoryW
VirtualQuery
OpenEventW
GetLocaleInfoW
GlobalDeleteAtom
GetHandleInformation
SetCurrentDirectoryW
GetFileType
FindFirstFileW
CreateSemaphoreW
GetFileAttributesExA
GetComputerNameA
MulDiv
GlobalFree
GetLocalTime
SetFilePointer
GetPriorityClass
ResumeThread
AreFileApisANSI
IsDBCSLeadByte
GetModuleHandleA
GetSystemDefaultLangID
CreatePipe
GetThreadTimes
GetLongPathNameW
RaiseException
GetCommModemStatus
SetErrorMode
SuspendThread
HeapAlloc
HeapValidate
GetModuleFileNameA
InitializeCriticalSection
EscapeCommFunction
GlobalAddAtomA
lstrcpyW
GetWindowsDirectoryA
GlobalSize
FoldStringW
IsBadReadPtr

comdlg32

GetSaveFileNameA
PrintDlgW
ChooseFontW
GetSaveFileNameW

user32

SetUserObjectInformationW
SystemParametersInfoA
IsCharUpperA
DialogBoxParamA
GetClassNameW
RegisterClassW
IsWindowUnicode
CallWindowProcW
WaitForInputIdle
IsCharAlphaA
DestroyAcceleratorTable
GetDlgItemInt
ReplyMessage
RegisterWindowMessageA
SystemParametersInfoW
PostThreadMessageA
mouse_event
CharNextW
GetForegroundWindow
SetWindowRgn
InflateRect
SetDlgItemTextA
CharPrevW
GetWindowRect
DrawStateW
InSendMessage
ReleaseDC
IsDlgButtonChecked
RegisterClassExW
DefWindowProcW
DrawIconEx
GetKeyboardLayoutList
SetFocus
IsWindowEnabled
FindWindowA
SetWindowTextA
IsCharAlphaNumericW
GetMenuItemCount
SetPropW
SetClassLongW
GetMenuCheckMarkDimensions
CharToOemW
DestroyCaret
WaitMessage
GetWindowTextLengthW
RegisterWindowMessageW
SendNotifyMessageW
SetMenu
LockWindowUpdate
CharUpperBuffA
BringWindowToTop
wvsprintfA
SetDlgItemTextW
GetCursorPos
LoadIconW
DispatchMessageA
GetClipCursor
DrawFrameControl
MessageBoxA
GetKeyboardType
GetKeyboardLayout
ScrollWindow
CopyRect
GetClassInfoExW
MapVirtualKeyW
EnableScrollBar
GetDoubleClickTime
GetWindowLongW
SetWindowTextW
CheckRadioButton
DefFrameProcW
RedrawWindow
GetUserObjectInformationA
GetWindow
GetIconInfo
ChildWindowFromPointEx
BeginDeferWindowPos
PostQuitMessage
CreateDialogParamW
EnumThreadWindows
GetTopWindow
GetMenuItemRect
wsprintfW
ScrollWindowEx
DestroyWindow
OffsetRect
CreateWindowExW
GetLastActivePopup
SendDlgItemMessageW
GetSystemMetrics
GetUpdateRect
GetMenuStringA
GetWindowLongA
SetRectEmpty
MonitorFromRect
ShowWindow
GetDlgItemTextA
GetClassInfoW
ChangeMenuW
DialogBoxIndirectParamA
DrawAnimatedRects
GetMessageW
IsZoomed
GetDlgCtrlID
AdjustWindowRect
DrawTextA
IsDialogMessageW
GetCaretPos
DefWindowProcA
DrawStateA
InvalidateRect
VkKeyScanW
CharUpperBuffW
MoveWindow
SetCaretPos
InSendMessageEx
GetMonitorInfoW
DeferWindowPos
GetDCEx
GetKeyboardLayoutNameW
SetParent
DialogBoxParamW
CheckDlgButton
DrawEdge

msvcrt

fgetc
_controlfp
ftell
bsearch
printf
isxdigit
strspn
__set_app_type
__p__fmode
fwrite
ungetc
sprintf
__p__commode
strchr
_amsg_exit
swprintf
strrchr
_initterm
wcschr
wcscpy
iswxdigit
iswdigit
realloc
srand
_ismbblead
swscanf
wcscat
islower
_XcptFilter
strncpy
fclose
wcscmp
strpbrk
wcsrchr
isdigit
putchar
wcscoll
isalnum
_exit
strtok
getc
wcstombs
_cexit
atoi
__setusermatherr
__getmainargs
isprint
memset

Exports

Exports

H99:O
?CalculateStringCapacity@@YGKDDPAX:O

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dati
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.date
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.char
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.align
Size: - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

374c7ebf026b60461d74c9808033930b

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

comdlg32

user32

msvcrt

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.dati Size: 6KB - Virtual size: 6KB

.date Size: 512B - Virtual size: 115B

.char Size: 512B - Virtual size: 490B

.odata Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 2KB

.align Size: - Virtual size: 167KB

.rsrc Size: 117KB - Virtual size: 116KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.dati
Size: 6KB - Virtual size: 6KB

.date
Size: 512B - Virtual size: 115B

.char
Size: 512B - Virtual size: 490B

.odata
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 2KB

.align
Size: - Virtual size: 167KB

.rsrc
Size: 117KB - Virtual size: 116KB

.reloc
Size: 1KB - Virtual size: 1KB