45099dbb4c4917b138bce87845b51c7c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

45099dbb4c4917b138bce87845b51c7c_JaffaCakes118
Size

176KB
MD5

45099dbb4c4917b138bce87845b51c7c
SHA1

10164106bf5b542ae964359c4cc79f32c8b2acab
SHA256

1beb7898c293ba44a10b1c41d27f6a2b50354d830063571150905b6bf0375a23
SHA512

22f2c16270254ca24735693de3f380c9aab8ab984af0c5dda88f91710db334427685892b97a78f9bc6d6d5819b2a0d99ef7830f3c24510770e9b99a65ec7dc93
SSDEEP

3072:2jjtzYkYFRBvrOjrknkpXwaVUwsHRVd/UOfe/2+y2GMT/eCjT1QrnJUwMx0hoApV:2jjJzYFLOvckpnVmxVdcOfTL2GMbeGu0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45099dbb4c4917b138bce87845b51c7c_JaffaCakes118

Files

45099dbb4c4917b138bce87845b51c7c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9eec0085c004a0e472357013176f91dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\bwbtz\mlynD\BfJV.pdb

Imports

msvcrt

exit

comctl32

ImageList_Destroy
CreateStatusWindowW
ImageList_Read

user32

DefFrameProcA
SystemParametersInfoA
EnableScrollBar
MessageBoxExW
SendMessageA
OpenDesktopW
PtInRect
GetSysColor
IsIconic
GetKeyboardLayoutNameW
MapVirtualKeyExW
MapVirtualKeyW
GetUpdateRect

shlwapi

UrlCompareA
StrCmpIW

gdi32

CreateHatchBrush
TextOutA
GetTextExtentPoint32W
PolyBezier
RemoveFontResourceW
CreateFontIndirectW

kernel32

VirtualFree
GetLocaleInfoA
ExitProcess
GetTempFileNameA
lstrcmpW
GlobalAlloc
SetThreadExecutionState
GlobalFree
GetStdHandle

ntdll

RtlInitUnicodeString

comdlg32

GetOpenFileNameW
ChooseColorW
PrintDlgExW

Exports

Exports

?YM_Zo__vr__fG_RSlw@@YGEDM@Z
?sdw_lc__ALKGpxitaj_@@YGPAIFJ@Z
?HVj_UHLPh__jt_k_ts_y@@YGIPAGF@Z
?juRZOVD__@@YGPAJN@Z
?PJSnwilo_s_cx_eyYWnq_@@YGGJM@Z
?wln_sv_LPWXAcikjosztom@@YGDPAKI@Z
?NSz_ueMA@@YGPAEPAND@Z
?vpiyoYPJ_XVtzp@@YGFPADPAG@Z
?RJIdIWTSTfhkmQJX_YN_@@YGHPAK_N@Z
?_IKOz__js@@YG_NPAN_N@Z
?g_z_s_cS_TRY_IVZ_@@YGXPAJ@Z
?B_mxp_yzq_Ma_bxeXFY_KY@@YGDDF@Z
?rcSsy_x_HG__Yqa_utrgom@@YGPAFPAI@Z
?_elfyYBJKvz_ldcJVGlj@@YGFKPAN@Z
?yEU__DPErh_w_nxzptg@@YGJIPAF@Z
?pzRP_mika_gsc@@YGPANME@Z
?g_m_pQUhfy_utshnx@@YGIM@Z
?AXMP_htuC_PGGOg@@YGJFPAM@Z

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eec0085c004a0e472357013176f91dd

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comctl32

user32

shlwapi

gdi32

kernel32

ntdll

comdlg32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.itext Size: 512B - Virtual size: 184B

.data Size: 156KB - Virtual size: 315KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.itext
Size: 512B - Virtual size: 184B

.data
Size: 156KB - Virtual size: 315KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB