f3dbd4dd2b7cc18a443bca380d50e50a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3dbd4dd2b7cc18a443bca380d50e50a_JaffaCakes118
Size

124KB
MD5

f3dbd4dd2b7cc18a443bca380d50e50a
SHA1

a578fd4f8fadd5b3f585fd93c75f2d93838012a4
SHA256

f7c36d8923275ff3fc7fe52967e8caf9e67bb5f6112ebf421e480d88c08712c2
SHA512

9fcfbf6080aa3e4c3a78da65a059fbabb14777be0651e62984dad3b687b33682ebec820952a368329fa910669a18e998ff0f52ef43a5ad571bad8bda67fe235b
SSDEEP

3072:2L/OgYHoPVr3Hw7UqjT3gUdSHH6r57PjTwJehAu7Cp:MORy5OT3gUInWfTxhAL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3dbd4dd2b7cc18a443bca380d50e50a_JaffaCakes118

Files

f3dbd4dd2b7cc18a443bca380d50e50a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b2aeb953a16a33bcd2d49667845aa16f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\XeZxa\mmYO\lBbn.pdb

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgExW
ChooseFontW

shlwapi

StrCmpNIA

user32

GetMenuStringA
GetWindowTextLengthA
RegisterClassW
ShowCursor
wsprintfW
GetWindowTextLengthW
RegisterClassA
InvalidateRgn
CheckDlgButton
SetWindowPos
GetMessagePos
MessageBoxExW

kernel32

GetStartupInfoW
lstrlenA
LoadLibraryW
FindNextFileA
lstrlenW
EnumResourceTypesA
SetThreadContext
LoadLibraryA
GetComputerNameExA
GetComputerNameW
CreatePipe
ResumeThread
GetLongPathNameW

gdi32

RectVisible
ScaleViewportExtEx
ResizePalette
OffsetRgn
GetWindowOrgEx
CreateFontA
StartPage
GetTextMetricsA

comctl32

CreatePropertySheetPageW
InitCommonControlsEx
ImageList_Read

Exports

Exports

?CpaBajqdLjcbWiC@@YGDJPAJ@Z
?nyvuiilkjPmFHahvnxkmqf@@YGEPAD@Z

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2aeb953a16a33bcd2d49667845aa16f

Headers

File Characteristics

PDB Paths

Imports

comdlg32

shlwapi

user32

kernel32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.edata Size: 1KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 87KB

.pdata Size: 11KB - Virtual size: 11KB

.xdata Size: 76KB - Virtual size: 76KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 17KB

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 87KB

.pdata
Size: 11KB - Virtual size: 11KB

.xdata
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 3KB - Virtual size: 2KB