55947865a68240c34c3d917ab15daa97_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

55947865a68240c34c3d917ab15daa97_JaffaCakes118
Size

56KB
MD5

55947865a68240c34c3d917ab15daa97
SHA1

246052660472cb369250369b665f15ea77aa8445
SHA256

000af25cf4da4a0bfde03e24a261d4bbd3e76cd621c45f7433cad17bcd46ab61
SHA512

ca01745d74c8d632383f53a2cdd6c084fa0b363769f044170c56858d74b9c30a0d95f2af53774d7782d906e506c3bd680c1d7cd065639701c7075f742b9d5eaf
SSDEEP

1536:pf4uGClj2MEMBSE2GG1tjb2Q0NC6JSg11111111111111111111111111111Inw:l4uGC4MEgSELG2RMm111111111111111

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55947865a68240c34c3d917ab15daa97_JaffaCakes118

Files

55947865a68240c34c3d917ab15daa97_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2438250aebedaeef7fdbd6888700fd9c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\urUtwosopxxlw\toxqTuGbYabyed\HNxihqmdo.pdb

Imports

comdlg32

GetSaveFileNameW
GetFileTitleW
FindTextW
ChooseFontW

kernel32

GetCommState
LoadLibraryExW
lstrcmpW
VerSetConditionMask
FindResourceExA
GetCommConfig
CompareStringW
GetShortPathNameW
GetProcessHeap
PulseEvent
GetStdHandle
SetThreadLocale
SetCommTimeouts
VerifyVersionInfoW
SetupComm
GetBinaryTypeW
GetFileAttributesExW
OpenEventW
GlobalCompact
SetPriorityClass
CopyFileA
GlobalHandle
SetLastError
GetModuleHandleA
HeapValidate
GetPriorityClass
lstrcpynW
RemoveDirectoryA
GetProcAddress
GlobalMemoryStatusEx
GetCommModemStatus
IsBadWritePtr
GetSystemDirectoryA
LocalAlloc
GetComputerNameA
FoldStringW
lstrcmpA
SetCurrentDirectoryA
VirtualQuery
SetErrorMode
GetStartupInfoW
HeapAlloc
GetCommProperties
FormatMessageA
SetHandleCount
FindCloseChangeNotification
FlushViewOfFile
HeapFree
CreateFileMappingA
WriteFile
GetLastError
RaiseException
EscapeCommFunction
LCMapStringA
HeapSize
FreeLibrary
TlsSetValue
HeapLock

msvcrt

strerror
strtol
_controlfp
perror
strncpy
mbstowcs
wcstol
wcscat
wcstombs
__set_app_type
strpbrk
sscanf
strncmp
__p__fmode
towlower
wcscoll
iswctype
__p__commode
swprintf
strcoll
_amsg_exit
time
_initterm
rand
_ismbblead
isdigit
atoi
setvbuf
fwrite
strtoul
fputs
toupper
wcscspn
_XcptFilter
iswprint
remove
tolower
_exit
printf
_cexit
swscanf
__setusermatherr
srand
strchr
fclose
__getmainargs
wcsstr

user32

CopyRect
wsprintfA
MapVirtualKeyExW
SystemParametersInfoA
GetCursorPos
CharPrevW
CharToOemW
IsDlgButtonChecked
LoadBitmapA
LoadImageA
DrawStateA
LoadBitmapW
ReleaseDC
GetMonitorInfoW
ChangeMenuW
ScrollWindow
GetMessageA
IsWindowVisible
GetMenuItemCount
WaitForInputIdle
GetDialogBaseUnits
GetDlgItemTextA
GetScrollRange
LoadImageW
PostThreadMessageW
GetClassInfoExA
DestroyCursor
DrawStateW
GetLastActivePopup
IsWindow
GetDCEx
CopyAcceleratorTableW
DrawTextW
CharUpperW
SetFocus
OpenIcon
SwitchToThisWindow
LoadIconW
SetRect
CreatePopupMenu
CreateIconFromResource
GetDlgItem
ShowOwnedPopups
SetWindowPlacement
GetScrollInfo
GetMenu
SystemParametersInfoW
DrawTextA
TrackPopupMenu
IsRectEmpty
IsCharAlphaA
CharNextExA
LoadAcceleratorsW
GetWindow
VkKeyScanW
GetClassLongA
SetWindowTextA
CharPrevA
GetMessageW
ToUnicodeEx
CreateWindowExA
CreateIconIndirect
DrawTextExW
InsertMenuA
PostThreadMessageA
CheckDlgButton
CreateCursor
DrawAnimatedRects
TabbedTextOutW
DialogBoxParamW
IsMenu
GetAsyncKeyState
SetPropW
CharNextW
GetUpdateRgn
IsIconic
DialogBoxParamA
EnableMenuItem
GetForegroundWindow
GetMessagePos
CharToOemBuffA
PeekMessageA
FindWindowExW
LoadStringA
UpdateWindow
GetActiveWindow
GetCaretPos
OemToCharBuffA
ChildWindowFromPointEx
RedrawWindow
CharLowerW
DefWindowProcA
SetCaretPos
EnumThreadWindows
wvsprintfW
GetGUIThreadInfo
EndDialog
ShowCursor
CharToOemA
MessageBoxW
InvalidateRgn
SetMenuItemInfoW
SetScrollRange
SetClassLongW
GetUserObjectInformationA
WaitMessage
ClipCursor
GetClipCursor
IsCharAlphaW
MonitorFromPoint
CheckMenuItem
GetSysColorBrush
IsDialogMessageA
AttachThreadInput
GetKeyboardLayoutList
InsertMenuItemW
SetParent
EnumChildWindows
ReplyMessage
AppendMenuA
MapWindowPoints
DestroyCaret

Exports

Exports

?GenericOutputInfoYSUh@@YGK_KHE[D

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2438250aebedaeef7fdbd6888700fd9c

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.data Size: 14KB - Virtual size: 13KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.data
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 1KB - Virtual size: 1KB