e93d9e8b93c9aeea2d91da9ed82445f9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e93d9e8b93c9aeea2d91da9ed82445f9_JaffaCakes118
Size

35KB
MD5

e93d9e8b93c9aeea2d91da9ed82445f9
SHA1

31d06e6bd622622fdac40b779642a50db4ad57ac
SHA256

090de2df23fe026eb42961c03cb0acd8a9877791158de6614cd64047db48f586
SHA512

2744f63aa192fef4538382d49f81ad9931ec992c7478b45a86f7e0d83001708ac95090b7bddfabe47ac78ce1091cc578f7327302b3815913b8747cb3d7985773
SSDEEP

768:r0MsKBnGoobxQhMHmxfUDuirstD2vpgBop3iaqC0imZ5FgYUuxEe:r0MLWFBHLXrA2xgO5SCRgkYU1e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Scaninfo.Pdf______________________________________________________________________.exe

Files

e93d9e8b93c9aeea2d91da9ed82445f9_JaffaCakes118
.zip
Scaninfo.Pdf______________________________________________________________________.exe
.exe windows:5 windows x86 arch:x86

bc0c6a53fef3d2438036c0c5765b0b0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\dhXayty\qglud\iymt\BYHbwP\iacywhb.pdb

Imports

gdi32

ScaleWindowExtEx
EnumFontFamiliesW
CreateCompatibleBitmap
CreateDCW
GetLayout
PtInRegion
CreateRectRgnIndirect
CreatePenIndirect
CreatePatternBrush
LPtoDP
StartPage
SetViewportOrgEx
WidenPath

shlwapi

StrToIntA
UrlUnescapeA
StrSpnA
PathMakePrettyW

kernel32

GetProcAddress
lstrcmpiW
TerminateThread
lstrcatA
GlobalAddAtomW
lstrlenW
CompareStringW
SetPriorityClass
FileTimeToLocalFileTime
GetOEMCP
SetFileAttributesW
CreateNamedPipeA
SetCommTimeouts
lstrcpynW
FormatMessageA
GetCommModemStatus
GetCommandLineW

user32

GetPropW
TabbedTextOutW
MapVirtualKeyW
CharNextExA
CharLowerBuffW
GetDlgItemTextA
SetWindowLongA
GetDialogBaseUnits
CharUpperBuffA
PostMessageW
GetMenuItemCount
SetRectEmpty
GetFocus
MessageBoxExW
EndPaint
WindowFromPoint
LoadStringW
CharToOemBuffA
InSendMessageEx
IsWindowVisible
FindWindowA
ShowOwnedPopups
LoadMenuW
RegisterWindowMessageW
RegisterHotKey
SetDlgItemInt
FrameRect
MessageBoxExA
WaitForInputIdle
DrawEdge

Exports

Exports

?dXRPsyxse@@YGPAGFPAD@Z
?B_RCnf_ssp_mfS@@YGKEPAN@Z
?M_WABFDT_OnbP__F@@YGHM@Z
?_nkzzylj@@YGPAGPAF@Z
?XUT_KRKLhcreolgoxs_bw@@YGPANIPAI@Z
?sVGPGYxhf_obvj_nP@@YGJDJ@Z
?plkzqUV@@YGPAXM@Z

Sections

.text
Size: 28KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc0c6a53fef3d2438036c0c5765b0b0c

Headers

File Characteristics

PDB Paths

Imports

gdi32

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 64KB

.data Size: 12KB - Virtual size: 12KB

.xdata Size: 1KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 64KB

.data
Size: 12KB - Virtual size: 12KB

.xdata
Size: 1KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB