21bcb72e9e832407755da9a5ea2dc044_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

21bcb72e9e832407755da9a5ea2dc044_JaffaCakes118
Size

223KB
MD5

21bcb72e9e832407755da9a5ea2dc044
SHA1

db8afa6d270409b3f3f006d7f4d8f95bcf6ae05d
SHA256

e6f06113045160eb2af0b84ea54f9e8206b0635c2e5ef07438a5c87b1b252a1d
SHA512

2baf9a302bcd58941fd47b293fe4ca56bd4251d46e6d27780d2283ed91c2ecf7fd545fa40e2d9aeee3445b8f969a3cf2c21563b84a763eafc61271e1b1569008
SSDEEP

6144:J7d33Z/y2WZM2Xju5um2+rov3YVYzy7s:jZalM2zO2+rovYWy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21bcb72e9e832407755da9a5ea2dc044_JaffaCakes118

Files

21bcb72e9e832407755da9a5ea2dc044_JaffaCakes118
.exe windows:5 windows x86 arch:x86

743bdb1559255332ff7b4ff5b4e7a0a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\soKnQuZLObs\olzoSLnRrcexyfplsdM\FxFeozXNzacukS\EqXrluJuQrtfMlqg\tLtVkjtHbXqzsgJsOpccv\bolARiZfDbywgzQkdnys.pdb

Imports

shlwapi

StrChrIW

user32

GetDCEx
CharLowerA
RegisterClassExW
DispatchMessageA
GetDC
CheckDlgButton
LoadImageW
WaitForInputIdle
GetMenuItemID
GetScrollPos
CharToOemBuffA
ClientToScreen
MapDialogRect
DefWindowProcA
FindWindowA
TranslateAcceleratorW
GrayStringW
GetMessageExtraInfo
SetTimer
ChildWindowFromPoint
SetMenuItemInfoW
SetRect
IsCharAlphaNumericW
CharUpperA
LoadMenuW
SetActiveWindow
MapVirtualKeyExW
GetMenuItemRect
ToUnicodeEx
LoadBitmapW

comctl32

ImageList_Destroy
ImageList_GetIcon
CreateStatusWindowW
ImageList_Write

comdlg32

GetSaveFileNameA
PageSetupDlgW
ChooseFontW
FindTextW

kernel32

LoadLibraryW
TlsSetValue
HeapValidate
SetupComm
DisconnectNamedPipe
GetModuleHandleW
MapViewOfFile
OpenEventW
GetVersion
FindResourceExW
lstrcpyW
RemoveDirectoryW
UnlockFile
GetFullPathNameA
GetFullPathNameW
FileTimeToSystemTime

gdi32

GetTextExtentPointA
Rectangle
SetBrushOrgEx
RemoveFontResourceW
Ellipse
MoveToEx
SetBitmapDimensionEx
CreateRectRgnIndirect
EnumFontFamiliesW
GetCurrentObject
SetDIBitsToDevice
SetViewportExtEx

shell32

ord196
ord195

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

743bdb1559255332ff7b4ff5b4e7a0a7

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

comctl32

comdlg32

kernel32

gdi32

shell32

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 70KB - Virtual size: 69KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 35KB - Virtual size: 195KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 70KB - Virtual size: 69KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 35KB - Virtual size: 195KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB