255f8fa5eabc7dea262cfb7f6042199d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

255f8fa5eabc7dea262cfb7f6042199d_JaffaCakes118
Size

147KB
MD5

255f8fa5eabc7dea262cfb7f6042199d
SHA1

ddc6f6e0fa52a67e0f9631225403f7e590e80c3f
SHA256

9a12ab2756bb9d70e039c5573d16a5ac117a5be7453cf02094cba8111cda1b86
SHA512

a2ac3ee41ede3066e804773f7fe5ddc0b8b925e24dee5372c1f6adc30975f6e3249aa4928235194468832c4102ab6fea80c52eab8b647853c2050a3459b5fe07
SSDEEP

3072:0lb9vaXaVTjb9A40FjjHyGla6k17YmG2a+aHg0FUmCj:07aXa9b9AHjz7la6k1EmGTJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
255f8fa5eabc7dea262cfb7f6042199d_JaffaCakes118

Files

255f8fa5eabc7dea262cfb7f6042199d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0c0117eb64ea9925a0c9813962fcd238

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\ntfdxC\dLdoofY\wxgDylm.pdb

Imports

gdi32

CreateFontIndirectW
SelectObject
StretchDIBits
GetTextMetricsW
SetViewportOrgEx
GetRgnBox
CreatePatternBrush
EnumFontFamiliesExW
BeginPath
SetLayout
UnrealizeObject
GetCharWidth32W

kernel32

SetSystemTimeAdjustment
OpenEventW
AddAtomA
SetHandleInformation
FileTimeToLocalFileTime
HeapUnlock
GetFileAttributesExW
GetModuleHandleA
IsBadReadPtr
FindNextChangeNotification
GetSystemDirectoryW
DeviceIoControl
GetThreadTimes
CreateWaitableTimerA

user32

ValidateRect
GetDlgItemTextW
SetWindowPlacement
SetRect
BeginPaint
MapVirtualKeyW
GetNextDlgGroupItem
GetAsyncKeyState
GetShellWindow
CreateAcceleratorTableW
CopyRect
UpdateWindow
FindWindowExA
SetMenuItemBitmaps
ShowCursor
GetKeyboardLayout
MessageBoxW
TrackPopupMenuEx
MessageBoxA
DrawStateW
LoadStringW
DialogBoxParamA
GetClassLongA
CopyAcceleratorTableW
SetRectEmpty
LoadBitmapA
RegisterClassA
DialogBoxIndirectParamW
GetIconInfo

comctl32

DestroyPropertySheetPage
ImageList_Create
CreatePropertySheetPageA

Exports

Exports

?opo_mv_fmVYPO@@YGX_N@Z
?HLWG__DBCHvLF_gfgfem@@YG_NM@Z
?BXCD_qkc_yYk_p@@YGPAEG@Z
?rgtl_cwXCI_CC_G@@YGPAXK@Z
?_YWZJqGtqlpNgw_kxp_v@@YGFGK@Z

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0c0117eb64ea9925a0c9813962fcd238

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

comctl32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 21KB - Virtual size: 20KB

.mdata Size: 11KB - Virtual size: 115KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 21KB - Virtual size: 20KB

.mdata
Size: 11KB - Virtual size: 115KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB