2981ce584e362696122d81f25b22da59_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2981ce584e362696122d81f25b22da59_JaffaCakes118
Size

148KB
MD5

2981ce584e362696122d81f25b22da59
SHA1

e9cd473219e0251a4ae9a584d3c99167734275ed
SHA256

2db61d81efcb179cd279b3dddf29fb43e50cf5fb2c7b473fc76c3d30f39ba267
SHA512

fc056a6c32d62eeccbe9d6c40ba41262aaa226239cc1113a5353fbaaa7daefccd60e23649742425b2ba90784871f68e267efa8f0d7fdbdf6573aaf4f8a47c970
SSDEEP

3072:OGi+CelqMCFVC733jPAOQzQbs+OP46pzlbeSxv9pmw9:OGi+UhVmHjPmz0OP4Oppvzh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2981ce584e362696122d81f25b22da59_JaffaCakes118

Files

2981ce584e362696122d81f25b22da59_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f686bc8cf6d4b33dbeffba9bec5b1654

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\WwwfLyd\aArGXJev\SepqjqFh\njfacgpy.pdb

Imports

comdlg32

PageSetupDlgW
GetOpenFileNameA
GetSaveFileNameA

user32

TabbedTextOutW
ShowWindowAsync
SetWindowLongA
SetWindowLongW
EqualRect
SetWindowTextA
SystemParametersInfoW
MonitorFromRect
IsWindowEnabled
ArrangeIconicWindows
UpdateWindow
wsprintfA
EnableScrollBar
PostThreadMessageW
AppendMenuW
GetWindow
CreateIconIndirect
OpenInputDesktop
GetKeyNameTextW
GetKeyboardLayoutNameW
LoadMenuW
IsWindow
CheckDlgButton
GetPropW
IsMenu
VkKeyScanW
GetMessagePos
GetDialogBaseUnits
SetScrollPos

ole32

OleUninitialize
OleInitialize

gdi32

GetTextColor
GetDIBits
OffsetViewportOrgEx
CreateDIBSection
CreateBrushIndirect
DeleteDC
SetPixel
SelectPalette
CreateFontIndirectA
SetWindowExtEx
TextOutA
CreatePalette

comctl32

ImageList_GetIcon
CreatePropertySheetPageA
PropertySheetA

kernel32

GetDateFormatA
GetCompressedFileSizeW
HeapReAlloc
SetThreadLocale
lstrcatW
GetTimeFormatA
CancelIo
GetSystemDefaultUILanguage
CompareStringA
SetUnhandledExceptionFilter
SetErrorMode
SetTimerQueueTimer
CreateEventW

Exports

Exports

?SQBTrNb_bi_eDAS_B__e@@YGGMPAE@Z
?xqvO_A__@@YGFEPAE@Z
?_LpI_ML@@YGFGG@Z
?_sfvco_rjIRDA_Oecc@@YGMD@Z
?jpbd_ouu_b_gcdlm_ifxq@@YGKG@Z
?hmR_SS_vw@@YGDEI@Z
?jvcW_BHVUkyFOJE_@@YGXPA_NPAJ@Z
?_NLV__j@@YGJMPAI@Z
?_aoEPJ_UAkiqePQDLVlxwp@@YGPAXM@Z
?V_OQI_L___F@@YGXPAM@Z
?MpegZMKL@@YGIKM@Z
?OU_UARCWT@@YGXH@Z
?V_IeCFRBE_n_VGU@@YGHJPAH@Z
?S_KJ___x@@YGPADH@Z
?_rz__pa_nE_MN@@YGXPAMPAK@Z
?_JMhWN_WE_XcW_@@YGPAH_NM@Z
?UXDOx___vP__G__@@YGPAGGPAH@Z
?X_lgmnbsONVjUQ_@@YGHPANPAE@Z

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f686bc8cf6d4b33dbeffba9bec5b1654

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

ole32

gdi32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 21KB - Virtual size: 20KB

.mdata Size: 11KB - Virtual size: 114KB

.data Size: 23KB - Virtual size: 22KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 21KB - Virtual size: 20KB

.mdata
Size: 11KB - Virtual size: 114KB

.data
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB