c86e6c9a14e2c11428dea7f72805d999_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c86e6c9a14e2c11428dea7f72805d999_JaffaCakes118
Size

43KB
MD5

c86e6c9a14e2c11428dea7f72805d999
SHA1

1e41e641e54bb6fb26b5706e39b90c93165bcb0b
SHA256

1f210c60f90fd8403099482455f3220b56b2864bc4d2b6af0abda4a2c3854d40
SHA512

32ed8ef777e5d30ae086d6bd05202b94932f6894e25a48c2e92a2e8a77ba80651c45ee04ed0b70831d479a74a2d48af14b40623e59c06223289cb3d4b144576d
SSDEEP

768:wO70S7b0vJinmDOxCRfcwt5Dqcjgqa57R/SVcQPnmX5URz7D7PpUmNq:ngawv2PTq5D1jgZ7RKJeJU1D7PpUQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c86e6c9a14e2c11428dea7f72805d999_JaffaCakes118

Files

c86e6c9a14e2c11428dea7f72805d999_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f9fd9fd22788b7616e4ebf40a1b7a50c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\SpIIzQyTUrNmlt\awhlngjfneWu\FwCckdYml\fuvhBzN\YwghkOow.pdb

Imports

user32

SetWindowLongW
GetLastActivePopup
RemoveMenu
OemToCharA
wsprintfW
SetWindowRgn
RegisterHotKey
DrawMenuBar
MoveWindow
IsCharUpperA
SetSysColors
IsIconic
CreateAcceleratorTableW
BeginDeferWindowPos
ShowScrollBar
CreateDialogParamW
wsprintfA
ReleaseDC
DefFrameProcW
SetDlgItemInt
AllowSetForegroundWindow
VkKeyScanW
MessageBoxA
InSendMessageEx
InsertMenuItemW
ChildWindowFromPointEx
CreateIconIndirect
GetClassInfoExW
wvsprintfA
DrawFrameControl
GetKeyboardLayoutNameW
DeferWindowPos
GetDC
GetDlgItemInt
EnableWindow
DestroyCaret
MapVirtualKeyExW
InflateRect
SetDlgItemTextW
SendInput
ShowWindowAsync
CharToOemA
DestroyCursor
GetIconInfo
DefFrameProcA
IsCharAlphaNumericW
RegisterWindowMessageA
InSendMessage
CharToOemW
GetDlgItemTextW
OpenInputDesktop
CharNextW
LoadIconA
SendMessageTimeoutA
DestroyIcon
CopyAcceleratorTableW
GetKeyNameTextW
SetWindowTextA
PostThreadMessageA
MessageBoxW
FindWindowExW
GetDlgItemTextA
GetMenuCheckMarkDimensions
GetWindow
FindWindowW
MapVirtualKeyW
EnumChildWindows
GetShellWindow
CopyImage
UnloadKeyboardLayout
LoadBitmapW
GetMonitorInfoW
SendMessageW
MessageBoxExA
CharUpperW
AdjustWindowRect
CascadeWindows
ShowWindow
PostMessageA
LoadMenuA
TrackPopupMenu
ScreenToClient
CloseDesktop
GetScrollRange
ShowCaret
InvertRect
DefWindowProcA
DrawTextA
DestroyMenu
GetDCEx
DrawFocusRect
CharNextExA
GetSysColor
PostThreadMessageW
GetWindowLongW
GetCursorPos
EnumThreadWindows
SetWindowLongA
CharUpperBuffW
IsMenu
ScrollWindowEx
InvalidateRect
DispatchMessageW
SendMessageTimeoutW
GetMenuItemID
GetMenuStringA
IsDialogMessageW
ModifyMenuW
EnumWindows
CheckMenuRadioItem
GetNextDlgGroupItem
ExitWindowsEx
CheckRadioButton
OffsetRect
SetWindowPlacement
GetWindowDC
CreateDialogIndirectParamW
CreatePopupMenu
LoadCursorA
ShowCursor

kernel32

GlobalFlags
GetLocaleInfoW
CreateRemoteThread
SuspendThread
MoveFileA
GetVersionExW
GlobalCompact
GetSystemWindowsDirectoryA
OpenEventW
HeapWalk
DeviceIoControl
GlobalFindAtomW
CreateFileMappingW
GetCurrentDirectoryW
GetStringTypeExW
GlobalAddAtomA
GlobalAddAtomW
IsValidLanguageGroup
SetErrorMode
SetFileTime
GetTempPathA
CreateSemaphoreA
lstrcatW
lstrcpyA
LoadLibraryExA
FormatMessageW
GetModuleHandleW
HeapAlloc
AreFileApisANSI
GetUserDefaultLangID
CreateEventW
LeaveCriticalSection
VerSetConditionMask
OpenSemaphoreW
MulDiv
CreateSemaphoreW
GlobalReAlloc
VirtualAlloc
CompareFileTime
CreateNamedPipeA
RaiseException
LocalLock
SetCurrentDirectoryA
GetModuleFileNameA
RemoveDirectoryA
IsValidLocale
GetStartupInfoA
IsBadReadPtr
SetTimerQueueTimer
FormatMessageA
GlobalMemoryStatus
ClearCommBreak
GetCommTimeouts
GetLongPathNameW
HeapCreate

msvcrt

wcstoul
_controlfp
iswxdigit
iswdigit
calloc
strtol
wcscmp
isupper
fprintf
wcscat
system
wcstod
fseek
__set_app_type
malloc
perror
wcsstr
mbtowc
strncpy
rand
__p__fmode
__p__commode
sprintf
isalpha
atoi
swscanf
strspn
strerror
_amsg_exit
wcslen
clearerr
islower
_initterm
_ismbblead
vswprintf
_XcptFilter
srand
_exit
fwrite
_cexit
__setusermatherr
memset
free
towlower
floor
time
__getmainargs
fputs
fputc

shlwapi

PathIsUNCA

Exports

Exports

?ForwardControlItem@@YGK_KK:O

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ips1
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips2
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ips3
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ips4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9fd9fd22788b7616e4ebf40a1b7a50c

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

shlwapi

Exports

Exports

Sections

.itext Size: 21KB - Virtual size: 21KB

.ips1 Size: 6KB - Virtual size: 5KB

.ips2 Size: 512B - Virtual size: 88B

.read Size: 1024B - Virtual size: 16KB

.ips3 Size: 512B - Virtual size: 192B

.data Size: 3KB - Virtual size: 2KB

.ips4 Size: 2KB - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.itext
Size: 21KB - Virtual size: 21KB

.ips1
Size: 6KB - Virtual size: 5KB

.ips2
Size: 512B - Virtual size: 88B

.read
Size: 1024B - Virtual size: 16KB

.ips3
Size: 512B - Virtual size: 192B

.data
Size: 3KB - Virtual size: 2KB

.ips4
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB