3d5261d18fbca8d2b1843771fa59bbcb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d5261d18fbca8d2b1843771fa59bbcb_JaffaCakes118
Size

127KB
MD5

3d5261d18fbca8d2b1843771fa59bbcb
SHA1

15c01623450334239294260fd04be727984a0a74
SHA256

2bfdc4c029a65c38130514606e2da86f9caedc2e7641232e23ee9eb927ac60a7
SHA512

8e062d5176e3116b61fab9b40cba62a725632111bbbb740bcd640ad19f10b5af7ae0782b02b94a05149e085cbf30cb30fafbed3eec63e2e7c13f885ad75f6f9a
SSDEEP

3072:Sz9HMxm7LQw5H+RSHXB3pA//ipx2nxMowBIdTWKpDb3:Sz9ss70mH+RmrAHWQxkml

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d5261d18fbca8d2b1843771fa59bbcb_JaffaCakes118

Files

3d5261d18fbca8d2b1843771fa59bbcb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

14fa2bba0aa8018fbd77e758196c72d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\egrgospghjoo\DAftOeeyapeZk\cXdioTbp\whbiweibDBtpn.pdb

Imports

msvcrt

__argc

kernel32

lstrlenA
ConnectNamedPipe
VirtualProtect
SearchPathA
SetPriorityClass
FindNextFileW
IsBadStringPtrW
IsBadWritePtr
FindFirstChangeNotificationW
lstrcmpW
GetComputerNameW
lstrcmpiA
VirtualFree
GlobalUnlock
ReadFile
CreateDirectoryA
Sleep
SetCommTimeouts
CreateWaitableTimerW
FileTimeToSystemTime
GetCommandLineA
GlobalFindAtomW
HeapValidate
GetUserDefaultLCID

user32

RegisterWindowMessageA
CharToOemW
GetWindowDC
SystemParametersInfoA
mouse_event
CreateMenu
GetSysColor
AppendMenuW
DispatchMessageW
LoadAcceleratorsA
EnableScrollBar
IsCharAlphaNumericW
GetMenuItemInfoW
DrawIcon
DefWindowProcA
CallWindowProcA
GetSysColorBrush
LockWindowUpdate
SetWindowPos
GetParent
GetActiveWindow
MessageBoxExW
GetUserObjectInformationW
FindWindowW
GetUserObjectInformationA
GetIconInfo
CreateIconFromResource
CharToOemA
CharLowerW
GetMenuCheckMarkDimensions
SetTimer
PostMessageA
IsChild
SetDlgItemInt
SetRect
CharUpperA
RegisterClassW
SetScrollRange
ExitWindowsEx
EnableMenuItem
DefFrameProcA
InvertRect
FindWindowExA
CopyRect
LoadBitmapW
InvalidateRgn
LoadIconW
WaitMessage
MoveWindow

gdi32

SetStretchBltMode
CreateBitmap
SetTextAlign
GetBkMode
RealizePalette
SetBrushOrgEx
EndPath
LPtoDP
StretchBlt
GetPaletteEntries
GetDIBColorTable
CreatePenIndirect
UnrealizeObject
CreateDiscardableBitmap
RoundRect
GetTextMetricsA
CreateDIBSection
Ellipse
GetStockObject
MoveToEx
TextOutW
LineTo
TextOutA

ole32

OleBuildVersion

advapi32

IsTextUnicode

comdlg32

ReplaceTextW
GetSaveFileNameW
CommDlgExtendedError
PageSetupDlgW

Exports

Exports

?IFifioflklkFKLofd@@YGPA_WPA_WKK@Z

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14fa2bba0aa8018fbd77e758196c72d1

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

gdi32

ole32

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.data Size: 34KB - Virtual size: 107KB

.rsrc Size: 39KB - Virtual size: 38KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 52KB

.data
Size: 34KB - Virtual size: 107KB

.rsrc
Size: 39KB - Virtual size: 38KB

.reloc
Size: 1KB - Virtual size: 1KB