2d37d4b8e29ba548c235707169edfbe2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d37d4b8e29ba548c235707169edfbe2_JaffaCakes118
Size

123KB
MD5

2d37d4b8e29ba548c235707169edfbe2
SHA1

5177f93fc7faaad00a3a33d0335c3fc58aea666d
SHA256

0a18c2cf1390260ce2b0be4d61708ffbbccda02cd29cf9b9d7cff05503e2b462
SHA512

e9e1a1c1a4f085b7277501749fb4ea35f55594e1d4732f4f33ee9c61d5d87340ccf0cd920508ddf8d98b45b69dadceeecf4da36c515261aa6a76902efef08ddf
SSDEEP

3072:744IRX91ssOPbqEQT0QAYP4T7alimC5fGt3I3pNwP:04c7obqrgT2DC5+tYZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d37d4b8e29ba548c235707169edfbe2_JaffaCakes118

Files

2d37d4b8e29ba548c235707169edfbe2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

5d20ae8b7a8293afaffe48f65faac613

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

U:\kwomzXxzLFnnHSwk\vCFKwyxRmaetzgfcp\PlUdEttzgLtxnkeNf\iPumalezArbNal\uTVqhuNgkzqtjjlowIuha\ickwpXhyTggmjdbz\pvdaGudrmzpxXsvv\swbmuWpRqKap.pdb

Imports

gdi32

CreateBitmapIndirect
TextOutW
SetDIBits
GetObjectA
GetDIBColorTable
SetBkMode
GetTextExtentPointW
ResizePalette
SetBkColor
SetStretchBltMode
GetDIBits
CreateDIBitmap

comctl32

ImageList_AddMasked
ImageList_Read
ImageList_ReplaceIcon
ImageList_Draw

shell32

ord196
ord195

kernel32

SetEndOfFile
GetShortPathNameA
QueryDosDeviceW
TerminateThread
IsBadReadPtr
GetModuleHandleW
QueryPerformanceCounter
RaiseException
GetTimeZoneInformation
lstrcpyW
GetSystemDirectoryA
CallNamedPipeW
FindResourceExW
GlobalMemoryStatusEx
SetEvent

shlwapi

StrChrIW

user32

DrawIcon
wsprintfA
MoveWindow
GetCursorPos
RedrawWindow
OffsetRect
DestroyCursor
TrackPopupMenu
IsDlgButtonChecked
CopyRect
ShowWindowAsync
IsDialogMessageW
MapDialogRect
EndPaint
LoadIconA
CreatePopupMenu
GetKeyState
SetWindowLongW
wvsprintfA
InflateRect
GetWindowTextA
KillTimer
MessageBoxA
GetMenuStringA
ArrangeIconicWindows
CharUpperBuffA
LoadBitmapA
InsertMenuW
GetForegroundWindow
IsCharAlphaNumericW

Exports

Exports

AlphaBlend
?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d20ae8b7a8293afaffe48f65faac613

Headers

File Characteristics

PDB Paths

Imports

gdi32

comctl32

shell32

kernel32

shlwapi

user32

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 28KB - Virtual size: 28KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 15KB - Virtual size: 154KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 28KB - Virtual size: 28KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 15KB - Virtual size: 154KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB