f91744bb961b624c71be98a1ff09da5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f91744bb961b624c71be98a1ff09da5f_JaffaCakes118
Size

83KB
MD5

f91744bb961b624c71be98a1ff09da5f
SHA1

625b98c5e4b23a2286276bfbde65155c8ba25a1c
SHA256

a879e07482913182b0b8e3de3a45ea86a82429ea055933489a524a33a1f12432
SHA512

82a157a9c297b9b857157596283172153b0ae75619bea0518c46e8a69bccf843ac05c69bc1e88d89714b2696f042146624321e8e7ed1c0a2d880b5db837790b2
SSDEEP

1536:ZRK5JLqO2rOWVgIfsGh/D/CLyr6t43JHOO2vKNNv8ME00PGkzp1:ZKZQOGgSsGBaL1tIEKv8ME00uMp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f91744bb961b624c71be98a1ff09da5f_JaffaCakes118

Files

f91744bb961b624c71be98a1ff09da5f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

480220f2207add29b759a1bedbd6b982

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\lujztzvapE\cydtkAdy\SXvEdrqph\wtxvAyho.pdb

Imports

gdi32

GetSystemPaletteUse
CreateBitmap
GetBkMode
DPtoLP
SetROP2
SetPixel
GetRgnBox
GetCurrentObject
CreateSolidBrush
CreateICW
StartPage
GetViewportOrgEx
EndPath

user32

PostQuitMessage
OpenInputDesktop
DialogBoxIndirectParamA
GetMenu
SetWindowLongW
EnumChildWindows
IsDlgButtonChecked
CharToOemW
GetWindowTextA
CreateWindowExW
WindowFromPoint
MessageBoxW
ModifyMenuW
DragObject
GetWindowTextLengthW
GetMessageW
InvertRect
ScrollWindowEx
TrackPopupMenuEx
RegisterClassExA
SendNotifyMessageW
DefFrameProcA
MessageBoxA
GetWindow
GetClipCursor
GetMessagePos
SetTimer
GetParent

shlwapi

PathSearchAndQualifyA
UrlGetPartW
StrToIntA
StrFormatByteSizeA
StrStrIA
ChrCmpIA

kernel32

FindNextChangeNotification
SetUnhandledExceptionFilter
lstrcpynW
GetFileInformationByHandle
GetComputerNameExW
GetVersionExW
lstrlenA
GetCommTimeouts
CompareStringW
lstrcmpiW
lstrlenW
FindFirstFileA
CreateNamedPipeW
lstrcpynA
GetLongPathNameW
SetMailslotInfo
GetNumberFormatA
GetModuleFileNameW

msvcrt

exit

ntdll

memset

Exports

Exports

?c___vxxmqf_oq_@@YGMN@Z
?_wusscmrsd@@YGMPAMG@Z
?pk__ax___wKGRNVYZP__TH@@YGNPANK@Z
?mtcNB_A_ZL@@YGIDI@Z
?toW_j_y_f_HAS__H_XSea@@YGND@Z
?Bhzbzk_wq_C@@YG_NNF@Z
?gruqspn_gy_jn@@YGDEI@Z
?s_D__s_R_@@YGEFN@Z
?BJOIXFSV_@@YGEPAGPAI@Z
?_uyoreaf_vu_sKAC_@@YGPAMGPAF@Z
?Y_rjtz_r__@@YGPAIGI@Z
?_iljhc_pdzBIKXnj_wi_u@@YGEF@Z
?k_TYBM_oqN_SLJWYOGR@@YGGHD@Z
?J_HMmyay_f_@@YGPAHM@Z
?hcZPCIm_iqohbt__h@@YGHF@Z
?U_V__nimRNMc_k@@YGGD@Z
?lfetY__RPRVWZFXmmutu_@@YGD_N@Z
?NJDx_c__pDTf@@YGIJD@Z
?lXIPJVLBqmzx_s_mz_o@@YGPAKDI@Z
?lprwt_iz__ubfr@@YGPAKMD@Z
?AIfbQUWQ_K_Dpii@@YGXF@Z
?m_e_sygQQNNAXMXOD@@YGEE@Z
?_SV_Xb_@@YGIPAJ@Z
?__sofslrlFTfsje@@YGXF@Z
?xyvpuD__YUIGc@@YGGDM@Z
?_RXoz_mqsswz_dnRBceq@@YGKNPAE@Z
?IYPHrpm_@@YGPAXPAIPAI@Z
?A_EOWUkCXP_ruh__@@YGID@Z
?urhedbMikpFrb_MM_Ec_@@YGGF@Z
?EBFDsy_y__qznvAE@@YGFNK@Z
?a_jl_ixtuGZI@@YGPAXE@Z
?jz_ga_WCISGTCG_P_YXSE@@YGXK@Z
?wjvbFRQCcn_r_J_axtmzt@@YGPAKPAG@Z
?Rubo_fypxzLR_Il@@YGFH@Z
?PEGEPN_A_DF@@YGHNE@Z
?HZN_VNpocYJC_z__t__A_J@@YGPAHPAK_N@Z
?V_JWtmxegqHSW_PsFMRK@@YGPAXPAG@Z
?g_hrgft_u@@YGPANF@Z
?vo___CFE____EEw@@YGPAIPAMN@Z
?itdIZP__YAVO_CEMNS_N@@YGKPAI@Z
?my_klbno__CW_Joz@@YGGH@Z
?j_ir_T_XVRVVvZOCXTQG@@YGDPAMD@Z
?VQJZQ_DUCOZYW@@YGPAKI@Z
?SKH_GO__XMJQ@@YGHE@Z
?B_Fqumuh_miwwb_oK_@@YGPAII@Z
?SSDB__V_ihYERE@@YGKDPAM@Z
?mcnz_jbg_NJ_FV___UF@@YGPAEG@Z
?NT_BEAKQ@@YGKN@Z
?_qr_yhlthGCQ_PQMl_SK_G@@YGJPAE@Z
?ap_pdXkdmaLROLC_M_@@YGFM@Z
?_GFsv_omce_MGVHL_QLbD_@@YGDDF@Z
?om_WFN_WqoO_X_PKEGNTKY@@YGNPAF@Z
?ubewsiP__W___OEigt_@@YGPAMFE@Z
?VQNAzIFK@@YGEPAD@Z
?jkzox_ndjdfzZ_w_B@@YGEPAK@Z
?_c_lpmTGTRA_IQ_leyBCS@@YGXK@Z

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icode
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

480220f2207add29b759a1bedbd6b982

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

shlwapi

kernel32

msvcrt

ntdll

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 53KB

.idata Size: 3KB - Virtual size: 2KB

.icode Size: 11KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 140KB

.rdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 53KB - Virtual size: 53KB

.idata
Size: 3KB - Virtual size: 2KB

.icode
Size: 11KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 140KB

.rdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB