4608cdc64a3579754a3a899eedc4a392_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4608cdc64a3579754a3a899eedc4a392_JaffaCakes118
Size

61KB
MD5

4608cdc64a3579754a3a899eedc4a392
SHA1

ba37076951d5b2e8e36cf5fa254f8cde0090752c
SHA256

36d436c2c542f11f79a28461febdaf20dcc567763a9c00fd1e0b3e370f84a57a
SHA512

6fd4f99f661cb0a308241ce9c4fe7e8dbd99515c948ca603a9de9d94640f5df5f9615f2971148f9b13582e1e6cb42cc01ded825f0ef4eb7c8b0fa779df01bd23
SSDEEP

1536:gLbE+N8ykeIfbZqczTYFS4vY3sp6vdXm0dGFJGQp:wTueO3/YjpIAkQp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4608cdc64a3579754a3a899eedc4a392_JaffaCakes118

Files

4608cdc64a3579754a3a899eedc4a392_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bfc8db3f62b972306b737328aedb4390

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\qtum\qjtAbi\rTWPgfF\ZXwvx\gDmPNez.pdb

Imports

user32

SetForegroundWindow
GetKeyState
SetMenuItemBitmaps
ShowOwnedPopups
FrameRect
OffsetRect
ChildWindowFromPointEx
IsDialogMessageA
DrawMenuBar
GrayStringW
GetWindowLongA
CreateIconIndirect
MapWindowPoints

gdi32

TranslateCharsetInfo
EnumFontFamiliesExW
ScaleViewportExtEx
GetTextFaceW
OffsetRgn
CreateRoundRectRgn

ntdll

_stricmp

shlwapi

StrSpnA
ord29

kernel32

GetCommandLineW
GlobalGetAtomNameA
GetCurrentProcessId
CreateEventA
ExitProcess
lstrcmpW
lstrcmpiA
ReleaseSemaphore
GetModuleHandleW

comdlg32

GetSaveFileNameW
PrintDlgW

Exports

Exports

?f_ubtneuov_y__jvbbe@@YGXM@Z
?PRDqyirtzhtj@@YG_ND@Z
?AZQWWF_U_FJ@@YGDPAI@Z
?Jm_ur_b_hkvwuiisu_OAD@@YGPAKPAKG@Z
?cmRLRARztb__mKGDF@@YGXGPAK@Z
?rxsrfpf_h_@@YGDPAD@Z
?IRQQkh_NG_C@@YGPAJPAG@Z
?PSKFjxhtpSRYjieocU@@YGDM@Z
?TFjy___vmakjbrqe@@YGJD@Z
?I_EFOTb@@YGPAGJJ@Z
?__Q_LUIBE@@YGFPAFF@Z
?ua_fvjJ_rxd_rk_sz@@YGXPA_N@Z
?u__fd_igx_rZC@@YG_NPAF@Z
?n_stSuznt_jn_@@YGFPAIJ@Z
?_yr__vlibz__qd@@YGPAXGM@Z
?qlp_eorbzebYM@@YGPADMM@Z
?BDQqpwlo_@@YGXIE@Z
?_nwrihwvcq@@YGPAKE@Z

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.export
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfc8db3f62b972306b737328aedb4390

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

ntdll

shlwapi

kernel32

comdlg32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 12KB - Virtual size: 84KB

.rdata Size: 24KB - Virtual size: 23KB

.idata Size: 1024B - Virtual size: 930B

.export Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 12KB - Virtual size: 84KB

.rdata
Size: 24KB - Virtual size: 23KB

.idata
Size: 1024B - Virtual size: 930B

.export
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB