0d04c5e79900a369695bf58489fde9f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d04c5e79900a369695bf58489fde9f1_JaffaCakes118
Size

215KB
MD5

0d04c5e79900a369695bf58489fde9f1
SHA1

a19085cacf375800caec14e82ca67180bc3721bb
SHA256

bc0dad37339fbcbdd82448db5a44de950d6b7b24d2be4686f353e3ce3df88708
SHA512

fb58c46813f50014fc8d295fd70bef3529b7058ae861e0f5a87b1ac0b15dfb74082fc7d9606dfe46b2a210ce66600593db75a779af68f05b7c6cccb1891dd7dc
SSDEEP

6144:Ju4Gs2O6jDQBV2joZxAoGqvMxusGT8gLb:3Gs2O6jEBV8cAoGkMx4TNH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d04c5e79900a369695bf58489fde9f1_JaffaCakes118

Files

0d04c5e79900a369695bf58489fde9f1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

191b3b355a03afd0c5814a8b4e461ee5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\qhhjuvjzu\XdUxNrgaiobp\DcjbpAsaFdMgz.pdb

Imports

gdi32

UnrealizeObject
CreateDCW
SelectPalette
GetTextExtentPointW
GetMapMode
ScaleWindowExtEx
StartDocW
EndDoc
GetNearestPaletteIndex
EndPage
CreateCompatibleDC
GetPixel
EnumFontsW
CloseFigure
FillRgn
StretchBlt

msvcrt

_controlfp
__set_app_type
fprintf
__p__fmode
__p__commode
wcscoll
_amsg_exit
_initterm
_acmdln
vswprintf
isalnum
wcsstr
getc
strncmp
exit
_ismbblead
_XcptFilter
_exit
iswctype
isxdigit
swprintf
_cexit
__setusermatherr
__getmainargs

user32

TabbedTextOutW
SetParent
AdjustWindowRectEx
SetScrollRange
MapDialogRect
LoadIconA
DefDlgProcW
GetClassNameW
MapVirtualKeyA
GetUpdateRgn
DialogBoxIndirectParamW
GetMessageA
RegisterClassExA
keybd_event
wsprintfA
IsCharLowerA
CreateIconIndirect
DrawFocusRect
GetMenu
GetWindowLongW
GetClientRect
InsertMenuW
VkKeyScanA
DefWindowProcW
AllowSetForegroundWindow
SetWindowTextA
SetWindowRgn
GetCaretPos
ArrangeIconicWindows
GetScrollInfo
DragObject
ScrollWindowEx
UnionRect
KillTimer
CreateIconFromResource
TileWindows

kernel32

lstrcatW
AddAtomW
SystemTimeToFileTime
ReleaseMutex
PulseEvent
Sleep
FindResourceExA
CreateThread
CreatePipe
FindFirstFileW
TlsGetValue
IsBadStringPtrA
LCMapStringW
GetCurrentThread
GetCommTimeouts
SetFilePointer
GetStartupInfoA
GetModuleFileNameA

Exports

Exports

?InitializeCriticalSectionAndSpinCountHDhdhHGHdhds@@YGKEPA_WG@Z

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.diag_y
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_x
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.div
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.plus
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minus
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

191b3b355a03afd0c5814a8b4e461ee5

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

user32

kernel32

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 172KB

.data Size: 2KB - Virtual size: 1KB

.diag_y Size: 512B - Virtual size: 68B

.diag_x Size: 512B - Virtual size: 28B

.idat Size: 512B - Virtual size: 392B

.div Size: 2KB - Virtual size: 1KB

.plus Size: 1024B - Virtual size: 756B

.minus Size: 512B - Virtual size: 140B

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 172KB - Virtual size: 172KB

.data
Size: 2KB - Virtual size: 1KB

.diag_y
Size: 512B - Virtual size: 68B

.diag_x
Size: 512B - Virtual size: 28B

.idat
Size: 512B - Virtual size: 392B

.div
Size: 2KB - Virtual size: 1KB

.plus
Size: 1024B - Virtual size: 756B

.minus
Size: 512B - Virtual size: 140B

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 2KB - Virtual size: 2KB