3f89069f092023a5a9305d483c9989b3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3f89069f092023a5a9305d483c9989b3_JaffaCakes118
Size

226KB
MD5

3f89069f092023a5a9305d483c9989b3
SHA1

dde27a17f54fb1125e2df2eebc4d3e27f540040a
SHA256

5bfb38ae140275e43473d4def2ac216e05132905a70896b6bfa88df429d22ed7
SHA512

5af5fed7dd2d33d741bc5f79e2eb6a0b2f6667a348615497e85d2bde43c85925a6a2872c3c46d59fb3deec14f747e58ba05d750e9285ca016b0562ddc6ab4e66
SSDEEP

6144:idUTD1s/FUyKhxp7402yy+2J47aY0vvvpA:i2f+tUJl/DQgaYgvRA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f89069f092023a5a9305d483c9989b3_JaffaCakes118

Files

3f89069f092023a5a9305d483c9989b3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2183226ea31748f871d83ac78f810018

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\jRdjfmxuPtdKw\FisTgvMcpbxXnqhYa\lEOskMkDekiVrrpTzumnP\aoQgsnnjgbkoqyxnQcowt\ixsYIBFKlhr\tYrbicRzxyOaIhknkoJv.pdb

Imports

shlwapi

StrChrIW

gdi32

StretchBlt
GetTextFaceW
GetTextExtentExPointW
CreateBitmapIndirect
RemoveFontResourceW
CreateDCW
SetDIBits
StartDocW
SetBitmapBits
SetBkColor
GetSystemPaletteEntries
SetBrushOrgEx
CreateFontIndirectW

user32

CharNextW
CharUpperBuffA
GetNextDlgGroupItem
UnloadKeyboardLayout
CharToOemW
GetWindowPlacement
RegisterWindowMessageA
CopyAcceleratorTableW
ShowCaret
SetWindowRgn
GetKeyboardLayoutNameW
DrawTextA
IsDialogMessageW
LoadMenuA
CloseDesktop
CharLowerBuffW
SetWindowPos
SetWindowLongA
MessageBoxExW
InsertMenuItemW
CheckMenuItem
ShowWindow
SetTimer
InsertMenuA
OffsetRect
ClientToScreen
CreateWindowExA
RegisterClassExW
SystemParametersInfoA

kernel32

FoldStringW
CopyFileW
GetTempFileNameW
RemoveDirectoryA
GetHandleInformation
LoadLibraryExA
GetTimeFormatA
lstrcpyW
GetModuleHandleW
HeapUnlock
GetLocalTime
GetStartupInfoA
GetComputerNameExW
GetComputerNameExA
FreeLibrary
FindResourceExW

shell32

ord196
ord195

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2183226ea31748f871d83ac78f810018

Headers

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

user32

kernel32

shell32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 71KB - Virtual size: 70KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 36KB - Virtual size: 199KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 71KB - Virtual size: 70KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 36KB - Virtual size: 199KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB