28b48acdf5a36f3efcf6884be759198c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28b48acdf5a36f3efcf6884be759198c_JaffaCakes118
Size

86KB
MD5

28b48acdf5a36f3efcf6884be759198c
SHA1

68cde752ec1a1da23af2c4dcef0678456b042258
SHA256

4bea6df36a87e969dc125972ae97ec5fec0da6243acce8294c538175abcf53f7
SHA512

31becd6ee2aa941256f6221084ef79a137d14bdcbed22f5052361bf5b93a38907b5bf61789c1281046dd35d7f90338229bb359fc5387744b8f57d800dc623e0a
SSDEEP

1536:nRqbnu4TSC6Wha1mEHrxeFM8nfrsApGjNhm7MguU/0EN+Bj1PJdu6I2T9Dq:RqbuISC6Sy3L6MiQ7jNs7MsuRdu6IsDq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28b48acdf5a36f3efcf6884be759198c_JaffaCakes118

Files

28b48acdf5a36f3efcf6884be759198c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c2cefcb9e337df734a13878e0b754a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\vAew\Dcbbwaj\vhwF\zpvllS.pdb

Imports

shlwapi

StrSpnA
StrToIntA
PathCanonicalizeW
UrlUnescapeA

gdi32

WidenPath
PtVisible
SetViewportOrgEx
StartPage
LPtoDP
EndPath
GetSystemPaletteEntries
SetDIBColorTable
OffsetRgn
SetLayout
CreateFontA
GetCharWidth32W

user32

GetMessageA
DestroyMenu
MessageBoxExW
RemovePropW
GetCursorPos
GetScrollPos
SetForegroundWindow
EnableWindow
SetLastErrorEx
IsIconic
ShowOwnedPopups
DialogBoxParamW
GetMessagePos
CopyAcceleratorTableW
ArrangeIconicWindows
CharLowerW
MapVirtualKeyExW
SetScrollPos
InvalidateRgn
GetMessageTime
SetPropW
GetUpdateRect
LoadStringA
EnableMenuItem
GetClassInfoA
ShowScrollBar
GetWindowTextA
SetUserObjectInformationW

kernel32

CopyFileA
GetTimeFormatA
lstrcatA
ResumeThread
AddAtomW
GetFileAttributesExW
SetPriorityClass
GetDateFormatW
CreateRemoteThread
UnmapViewOfFile
CreateSemaphoreA
GlobalLock
TlsSetValue
SetThreadContext
lstrlenW
lstrcpynW
lstrcmpiW

comctl32

ImageList_Read
PropertySheetA
CreatePropertySheetPageW

comdlg32

PrintDlgExW
GetSaveFileNameA
GetOpenFileNameW

Exports

Exports

?uvwg_aR_W_Xj_dRE_NE@@YG_NPAI@Z
?CTTIM__lr@@YGJE@Z
?sOYPM_p@@YGEPAFG@Z
?M_PNKAph_yfxwUN@@YGJ_ND@Z
?_yusnXNQ_WGTVW_Xsu@@YGMI@Z
?__FXNODPT_roveDT@@YGHE@Z
?vkguLLNWE@@YGDMK@Z
?k_d_n_mD_@@YGPAEPAJ@Z
?NAEURIXSTD_NQQfr@@YGEFE@Z
?j_oba_d_c_affwoH@@YGPAKFM@Z
?f_auwbtOSL__NDCPAN_MQZ@@YGPAKPAF@Z
?am_moOLYWA_Pka_BJT_K@@YGEPAF@Z
?onvx__qYYAJf_ukbx_jr@@YGPAGG@Z
?EDNMURef__kx@@YGPAFH@Z
?qeFGAIswU_SGQAO@@YGMH@Z
?iLSL_ex___@@YGXPAG@Z
?_X___H__hkwgUcehDmv@@YGXK@Z
?e_et_rh@@YGHPAD@Z

Sections

.text
Size: 48KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c2cefcb9e337df734a13878e0b754a0

Headers

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

user32

kernel32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 179KB

.data Size: 16KB - Virtual size: 15KB

.xdata Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 12KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 179KB

.data
Size: 16KB - Virtual size: 15KB

.xdata
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 12KB

.reloc
Size: 2KB - Virtual size: 1KB