1bdf452acbad23b6e7436fb775718af3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1bdf452acbad23b6e7436fb775718af3_JaffaCakes118
Size

219KB
MD5

1bdf452acbad23b6e7436fb775718af3
SHA1

237309bd1cf3d12f4a4700169770ca4046dd97e7
SHA256

42407d516e3e2042cb630d44ad041703d1897dbcea62c1112fada25fca14d9e4
SHA512

e0b9e8e2b9e3825e96a856d4d4f0438589487482677fbeda65208bb0660099d1b0e11060f7333af784eff66f93ce080513192a64f6bb57485150df81ec931006
SSDEEP

6144:5irWUbhTqIc0Amjf5sI1j1ZY595Us92UwTs2yC:MlhTqIcDmr5P1Y5vlas2y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bdf452acbad23b6e7436fb775718af3_JaffaCakes118

Files

1bdf452acbad23b6e7436fb775718af3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

add01f7424a8e4136f349824f2f22974

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\Qsqav\tpYnlx\oFlosnLc\yeua\ymjtC.pdb

Imports

comdlg32

GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgW
ReplaceTextW

kernel32

GetCurrentProcess
lstrcatA
GlobalGetAtomNameW
GetCurrentProcessId
IsValidLocale
GetComputerNameA
LoadLibraryA
GetFileTime
IsBadReadPtr

gdi32

PatBlt
DeleteDC
CreateDiscardableBitmap
SelectClipRgn
OffsetRgn
SetViewportExtEx

shlwapi

PathFindExtensionA

user32

SetClassLongW
IsCharLowerW
SetScrollRange
DrawCaption
GetMessageExtraInfo
GetIconInfo
GetWindowTextLengthW
ShowCursor
wvsprintfW
GetWindowDC
OemToCharA
OemToCharBuffA

Exports

Exports

?FI_UZagqml___@@YGXHH@Z
?OorCKMH_Wd@@YGHPAF@Z
?ITIID_v_@@YGHPAJPAJ@Z
?OKNQ__or@@YGPAKPA_N@Z
?cvgl__qrZuj_t_ijos_@@YGPAXEPAM@Z
?RJCWOIJRFAYukh_vbiRJ_N@@YGPANMD@Z
?_vbSBTXDVQRDDEHGVJVBB@@YGXI@Z
?EOS_UURK_@@YGKH@Z
?WbmunaV__aonS@@YGNPAIH@Z
?r_ex_WfVLCkSLT@@YGPAEDPAJ@Z
?zxtuiidvI_VEWIR__H@@YGPAIJD@Z
?zg_oqbASLK_BMYCNATEE@@YGHD@Z
?_VFKY_YcnuebMYDY@@YGXEPAK@Z
?_FLAA_jto_rh_rdgc_JTC@@YGPAKPAJ_N@Z
?lKGRDdIUExf____iuub@@YGIJPAK@Z
?_V_DPFFA_UUFdjod_@@YGPAJFD@Z
?C_BCXFNFTRYX_Tzbw__@@YGPAMIE@Z
?_tlibVKeR@@YGDIE@Z

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA1
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA2
Size: 76KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

add01f7424a8e4136f349824f2f22974

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

gdi32

shlwapi

user32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

DATA1 Size: 33KB - Virtual size: 33KB

DATA2 Size: 76KB - Virtual size: 239KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

DATA1
Size: 33KB - Virtual size: 33KB

DATA2
Size: 76KB - Virtual size: 239KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB