480bb6a85ff8aec11a04a374ffd9da39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

480bb6a85ff8aec11a04a374ffd9da39_JaffaCakes118
Size

158KB
MD5

480bb6a85ff8aec11a04a374ffd9da39
SHA1

28f812fd5488eee0879638bb4c03a290e36b4490
SHA256

128a98490f9af8ab945fa4d47f1395b5127109283025ff35b772d6ef5c8b63eb
SHA512

cead14251821a9257cce39a80eccdb2711c9abc8c0a5fe5a2f2c491fda4e89a25ddffdf842e3ade89e6095886abda6d18fae21f30aa29395b90e06eb2d861b8f
SSDEEP

3072:JCSyOij7qZGVZBz9S/AAkRAd2G4ceyvy3k0sA98wCdTOg2:QLOif40BzY/GAd2GX1vfHRTO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
480bb6a85ff8aec11a04a374ffd9da39_JaffaCakes118

Files

480bb6a85ff8aec11a04a374ffd9da39_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d325530d194209a7f4628b04d04f029

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\YmUro\tlmdUw\bfzpAtlj\ewcqbcg\RVbDyO.pdb

Imports

shlwapi

StrToIntW
UrlGetPartA
StrCpyW

kernel32

lstrcpyW
IsBadWritePtr
GetWindowsDirectoryW
TlsFree
lstrcmpA
CreateFileA
lstrcmpiA
GlobalMemoryStatus
CreateNamedPipeW

comctl32

ImageList_AddMasked
CreatePropertySheetPageA
ImageList_ReplaceIcon

gdi32

IntersectClipRect
EnumFontFamiliesW
SetWindowOrgEx
PolyBezier
Rectangle
TextOutA

user32

LoadImageA
IsCharAlphaNumericW
ReplyMessage
GetUserObjectInformationA
RegisterWindowMessageA
DestroyCursor
CharLowerBuffW
RegisterClassW
CharLowerW
LoadIconA
SystemParametersInfoW
CreateCaret
CreateIconIndirect

Exports

Exports

?_qhssqigpcfqh__sxvw_i@@YGXPA_NE@Z
?mvn_SJS___olxvd_aokb@@YGXPAM@Z
?UR_XebeXJBFlwkjtdmzxqS@@YGXPAE@Z
?OYxTZFD@@YGPAFPAE@Z
?__dy_scig@@YG_NKD@Z
?_DYRUKFCXR@@YGJPAFPAK@Z
?__LCgtzwhLTFNJ_V_@@YGHI@Z
?EG_YJTCFQS@@YGGK@Z
?emyrra_iUACCec@@YGEI@Z

Sections

.text
Size: 56KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pacdat
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d325530d194209a7f4628b04d04f029

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

comctl32

gdi32

user32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 387KB

.data Size: 36KB - Virtual size: 36KB

.pacdat Size: 20KB - Virtual size: 20KB

.idat Size: 16KB - Virtual size: 15KB

.rdata Size: 20KB - Virtual size: 19KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 387KB

.data
Size: 36KB - Virtual size: 36KB

.pacdat
Size: 20KB - Virtual size: 20KB

.idat
Size: 16KB - Virtual size: 15KB

.rdata
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB