2880d9cb54d2f146b388ba78a023ff85_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2880d9cb54d2f146b388ba78a023ff85_JaffaCakes118
Size

227KB
MD5

2880d9cb54d2f146b388ba78a023ff85
SHA1

b2a7f2e42eb3da11951269d0b3749c33c69949db
SHA256

5634dbeae32cac1541561e69aa924af9b10f13e707539766a767553bd994e179
SHA512

9422c6342f51631ba8c97c8586bb49445188d34eb25b9fc5e2815da27b824fd38a5e6db710e34af709c98744b0d17d797c7b597b3643583dc6b80baeee4af7e5
SSDEEP

6144:jVbu/GbFUqgWWMxlA2ZG5LK91fjwSkVMpVEQobXV:U/4JvzT17JQSGQ6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2880d9cb54d2f146b388ba78a023ff85_JaffaCakes118

Files

2880d9cb54d2f146b388ba78a023ff85_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b3adae3b2dfa999bfc058a8c3aba1707

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\lvvhofklxnbkUnFCCJnmzH\zJeyPuvncHeixLoqYIroa\UkuYfkasqtGTBfjxi\aLyTsukknePjaxtvcKvhq\bEgsJCoqOjYBzhwfGOrv\TaIVoqhSfanl.pdb

Imports

shlwapi

StrChrNW
StrCpyNW

kernel32

CreateEventA
FindResourceExW
TlsGetValue
GetFileType
OpenFile
GetProcessHeap
FileTimeToDosDateTime
SetHandleCount
GetTempPathW
ClearCommError
HeapFree
WaitForSingleObjectEx
GetModuleFileNameW
LocalLock
HeapAlloc
FindNextFileW
GetModuleHandleW
FlushFileBuffers

user32

LoadMenuA
MessageBoxExW
CheckDlgButton
PeekMessageA
OffsetRect
SetRect
ValidateRect
CharUpperA
GetMenuCheckMarkDimensions
GetClassInfoExA
SetClassLongW
DialogBoxParamA
BringWindowToTop
UpdateWindow
ArrangeIconicWindows
SetForegroundWindow
DrawStateA
MapVirtualKeyW
WindowFromPoint
CharUpperW
DispatchMessageW
InflateRect
EqualRect
GetKeyboardType
LoadMenuW
GetWindowPlacement
CharLowerA
SetScrollInfo

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ImageList_GetIconSize
ImageList_Remove

gdi32

GetWindowOrgEx
CreatePalette
GetTextMetricsA
ExtTextOutA
EnumFontFamiliesExW
GetCharWidth32W
DeleteDC
CreateCompatibleDC
CreateRoundRectRgn
SetPixel
SelectClipRgn
StretchBlt

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3adae3b2dfa999bfc058a8c3aba1707

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

comctl32

gdi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 71KB - Virtual size: 71KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 36KB - Virtual size: 200KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 71KB - Virtual size: 71KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 36KB - Virtual size: 200KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB