2f5007c2754b56f7fefbabc9e6e0447e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f5007c2754b56f7fefbabc9e6e0447e_JaffaCakes118
Size

223KB
MD5

2f5007c2754b56f7fefbabc9e6e0447e
SHA1

862b4699931d708d8f044e1b61d58975b1d9d31a
SHA256

47830a40241508e740de9e02cf901b2529a8ce20954dae02cf2e95b9c7ecb202
SHA512

e16e23f1e7fc54bdd78f7e3f08335894ff5c822599924f7bf6b18ee230dc48870be9f142abfb27be847daa0ee0648e0ba2678d27b0ec7f43687f4382c14f5bd0
SSDEEP

6144:DR87+0pEuf3cU1sa4wyVXG73P+EDhk0CpKjRcVlhdx+:DRl0H0U15vyVwN9YpKulhd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f5007c2754b56f7fefbabc9e6e0447e_JaffaCakes118

Files

2f5007c2754b56f7fefbabc9e6e0447e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a165d8ded8ad4c0cbfd604030dfef78b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\mpzqFFwg\npsw\bysoq.pdb

Imports

user32

CreateIconFromResource
IsDialogMessageW
DrawCaption
GetDialogBaseUnits
ValidateRect
PostThreadMessageW
CheckMenuItem
IsCharLowerW
AdjustWindowRect
UpdateWindow
LoadAcceleratorsA
BeginDeferWindowPos

shlwapi

PathFindExtensionA

gdi32

SelectPalette
RoundRect
CreateSolidBrush
CreatePolygonRgn
SetWindowExtEx
CreateBrushIndirect

kernel32

CreateThread
GetCompressedFileSizeW
SuspendThread
GetCurrentProcessId
lstrcatA
GlobalHandle
GlobalGetAtomNameW
AddAtomW
GetCurrentProcess
InitializeCriticalSection

comctl32

CreateToolbarEx
PropertySheetW
ImageList_LoadImageW
ImageList_GetImageCount

Exports

Exports

?Imgzxi__tRQ_W@@YGEPAG@Z
?zwzSHJcPe@@YGPAXN@Z
?yhnxcl_vhn@@YGHHG@Z
?C_SXNJGKMQ@@YGPAXPAE@Z
?HUXVKFHUJPQN@@YGEPA_N@Z
?xyIVMTGJHQQ_XBXwSRrv_g@@YGPAJF@Z
?E_ODAGEIstwr_j_yv_na@@YGPAFFM@Z
?KS_YSSFNK_P_@@YGXPAG@Z
?YZApieeadtgjj_i@@YGFGPAJ@Z
?bG_RHEBJSVSmwt_fQRTG_t@@YGXF@Z
?_C_Cmrmymv_qh@@YGPAXG@Z
?_LTRHJy_xru_pcnwz_E@@YGGNM@Z
?rzrjenhaA_tm@@YGPAHPAIF@Z
?fnovr_UR_KBipze@@YGFPAJ@Z
?K_Q_KFEJR_Kdcq@@YGPAJI@Z
?s_B_ETOQ_rfcl_droykzp@@YGFJ@Z
?ze_pb_syxtbfI@@YGPAFPAN@Z

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 987B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA1
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA2
Size: 77KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a165d8ded8ad4c0cbfd604030dfef78b

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

gdi32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 1024B - Virtual size: 987B

.data Size: 3KB - Virtual size: 2KB

DATA1 Size: 34KB - Virtual size: 33KB

DATA2 Size: 77KB - Virtual size: 240KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 1024B - Virtual size: 987B

.data
Size: 3KB - Virtual size: 2KB

DATA1
Size: 34KB - Virtual size: 33KB

DATA2
Size: 77KB - Virtual size: 240KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB