2a8bab00f79f3c654c55dc581fdcdc03_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a8bab00f79f3c654c55dc581fdcdc03_JaffaCakes118
Size

134KB
MD5

2a8bab00f79f3c654c55dc581fdcdc03
SHA1

a98bd355529470099808d09be3eda50ea1c270c2
SHA256

179f4bcfbe9ce0871bcbfbc317e783a22e6f0ec320bb17f31d3a9c60a063dea0
SHA512

b74de3c86796639b9788176482d6da0f14157a2de18bce6640e76a848232079c7350750574aa3171a368433e387f4d6ac30341aac45d4530372f3b9633d3bf7f
SSDEEP

3072:cVznm26x4CJmcMFtJakH0gK9psOOlOnD+lzywmA:qU9JvSFEnOlMKJDm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a8bab00f79f3c654c55dc581fdcdc03_JaffaCakes118

Files

2a8bab00f79f3c654c55dc581fdcdc03_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ee5980706d229ccf79b85a6564a65e1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\XAOchwqVpQpvindjOs\RvjzbhabktGChgktwgwgb\ojjCupJesus\shkISYyYljyUidyczY\GgyMkpQIukSfimaYPbg\kvxXrGwwskbjtegemcP\txYibaaewxoXVhds\DcyaNpkragfqhOg.pdb

Imports

comctl32

CreateStatusWindowW
ImageList_ReplaceIcon
ImageList_GetIconSize
PropertySheetA
ImageList_Write

ntdll

memset

user32

DrawTextExW
GetMenuCheckMarkDimensions
FillRect
AllowSetForegroundWindow
SetWindowTextA
keybd_event
CreateIconFromResource
IsIconic
wvsprintfW
GetKeyboardType
OemToCharA
TrackPopupMenu
LoadBitmapW
PeekMessageA
GetClientRect
TrackPopupMenuEx
SetUserObjectInformationW
ChangeMenuW
IsWindowUnicode
CascadeWindows
GetMenuItemRect
EnableMenuItem
LoadStringW
ArrangeIconicWindows
LoadMenuA
MonitorFromRect
CharUpperBuffW
CallWindowProcA
InternalGetWindowText
GetCursorPos

gdi32

SetWindowExtEx
GetBkMode
CreateDCW
CreateFontIndirectA
CreatePen
CreateICW
SetBitmapBits
StartPage
GetDIBColorTable
ScaleViewportExtEx
CreateBitmap
CreatePenIndirect

shlwapi

UrlGetPartW

kernel32

GetAtomNameA
EnumSystemLocalesA
lstrcatA
CompareStringW
GetUserDefaultLCID
LoadLibraryW
FindResourceExA
CreateSemaphoreA
VirtualProtect
SetMailslotInfo
LocalAlloc
CreateRemoteThread
QueryDosDeviceW
lstrlenW
DefineDosDeviceW
SetThreadAffinityMask

Exports

Exports

?_NKZW_C_UvtTVGDm@@YGMJE@Z
?S_TTTPV____e_fn_tuowi@@YG_NM@Z
?TN_X_ZBNKLUTJGM@@YGPAXEPAE@Z
?dhmdln_IOX@@YGHN@Z
?unxkez_g@@YGDEPAJ@Z
?CMDF__TDHNz@@YGPADPADPAD@Z
?Lb_dngh_ai_e_ky_yGIPOS@@YGPAEF@Z
?_kqMM_sbucuwdxbb_v@@YGNF@Z
?SXpydnczpyVOWCm_x@@YGEEK@Z
?XZLDPQTUSL@@YGXPAEG@Z
?__orHHVDAMDFqk_COKC_@@YGPAIEJ@Z
?gjhbZYE_E@@YGPAMPAJ@Z
?dqnvvwvthorbqvv@@YGXH@Z
?hq_sw_y__w___mUwh@@YGXG@Z
?_qlcnxJnvloq@@YGPAMPAGPAK@Z
?VUnmbvm_@@YGXIK@Z
?A__UKILT_R_ewcbq@@YGFJE@Z
?p_ktit_I_YDMLy_q_J_D@@YGXPAMJ@Z
?RX_CLhko_kc_luoin__n@@YGJG@Z
?d_o_wL_@@YGDD@Z
?GiNORXu@@YGEPAKK@Z
?nokajajJeegihLE_X_T_P_@@YGPAXN@Z
?wzizfe_mqwv_cgc@@YGFDPAG@Z
?VEdbhBMLGNGGUO_AL@@YGPAGFM@Z
?do_qLKUJPZ_Oqewk_WQN@@YGXJPAH@Z
?x_UHlofcqphu@@YGPAXPAJK@Z
?PXWXJP__JA__GKKYL_NGS@@YGPAGPAM@Z
?koCMQWDGa_S_GRCeaYW@@YGPAXG@Z
?_efzex___xyNW_OWL__@@YGXFH@Z
?h_tcxmJEULTD@@YGJ_N@Z
?_c_xuwhW@@YGKEI@Z
?hp_uy_TIJZ@@YGXN@Z
?xawd_tfmlco_jwo@@YGPAMPAI@Z
?glhz_aLB_RKLWomtjiq_@@YGPAXM@Z
?_N__NUpnv_@@YGDPAJ@Z
?X_Rrtoxt_y_o_inLCQ_SM@@YGPADPAKJ@Z
?ig_zsmSOXF@@YGPAIIPAJ@Z
?NU_JITd_uwjv_kbxTT_@@YGPADH@Z
?bfig_uIe@@YGHI_N@Z
?yth_OYTT@@YGPAKPAI@Z
?ef_Axzi_aoHNDh_m@@YGJKJ@Z
?HSTd_Q_BPHJZLY@@YGFPAEF@Z
?SKKN____PnkxdxywQ_RRPG@@YGPAHFM@Z
?EQLSPZW_CPNAWPXWHSR@@YGHH@Z

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 499B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee5980706d229ccf79b85a6564a65e1f

Headers

File Characteristics

PDB Paths

Imports

comctl32

ntdll

user32

gdi32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 512B - Virtual size: 499B

.idata Size: 9KB - Virtual size: 9KB

.data Size: 30KB - Virtual size: 165KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 512B - Virtual size: 499B

.idata
Size: 9KB - Virtual size: 9KB

.data
Size: 30KB - Virtual size: 165KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB