390949e91344a9d22bec321bf18082a4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

390949e91344a9d22bec321bf18082a4_JaffaCakes118
Size

149KB
MD5

390949e91344a9d22bec321bf18082a4
SHA1

9020a79154032de698fb7d234f79656fdf9c173b
SHA256

d3b816b466891e1af3d8bec1fec8f1187f9d70a5cec995ec973e5d27a3c6b789
SHA512

a3f2a4612c41b4fa809396df6e28d54ea9116d9a5d93c8c4cb7c576a0b68a0dace38e93c9f86727aa1aa028025492ac4e2f8102c5dbd8f9d6bd8c4f8e3f40459
SSDEEP

3072:5ULV0Pt1WVSVwj9FiKvR1SxHT7Qocdbl/lrtAhGWR5NYwpRh6i+dxbM:mLuCQVwj9EUiPcllXAXNYwp+5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390949e91344a9d22bec321bf18082a4_JaffaCakes118

Files

390949e91344a9d22bec321bf18082a4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f0abedf687170e1d280d666ffbd53de2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\tsurykerPECiOKnGJ\AqeYIrJIKUFk\nJMbamCoUZeMXTIo\vpgLutibvOPcxlpfBiscxy\hjnznhXfywnmrzwfcvJSvo\KgxdlitqLpmiekoElHqv\fDtqvzffFvLhwxsFn.pdb

Imports

user32

GetMenuStringW
DrawStateA
wsprintfA
GetMessageW
GetFocus
CharLowerW
DrawTextExW
GetLastActivePopup
EnumWindows
SetFocus
LoadCursorA
DrawAnimatedRects
GetClassNameW
CreateDialogParamA
LoadAcceleratorsW
IntersectRect
DrawTextW
CreateWindowExA
IsRectEmpty
GetDlgItem
CharToOemW
ShowCaret
CharLowerA
GetForegroundWindow
CallWindowProcA
CharToOemBuffA
OffsetRect
GetWindowPlacement
SetUserObjectInformationW

gdi32

SelectPalette
CreateDIBSection
CreatePolygonRgn
EndPage
GetNearestPaletteIndex
SetTextAlign
CreateRoundRectRgn
CreatePalette
BitBlt
DeleteDC
StretchBlt
ExtFloodFill
SetAbortProc

kernel32

GetFileAttributesW
GetSystemWindowsDirectoryW
GetWindowsDirectoryA
GlobalLock
EscapeCommFunction
FindFirstChangeNotificationW
FindResourceExW
HeapUnlock
FindResourceA
HeapAlloc
DeleteFileA
AddAtomA
LocalUnlock
GetOEMCP
RegisterWaitForSingleObject
GetStringTypeExW
HeapFree
GetProcessHeap
GetModuleHandleW

shlwapi

StrChrNW
StrCpyNW

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0abedf687170e1d280d666ffbd53de2

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 44KB - Virtual size: 43KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 22KB - Virtual size: 130KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 44KB - Virtual size: 43KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 22KB - Virtual size: 130KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB