47f2fdb1889cef6554221da9755c6f9c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47f2fdb1889cef6554221da9755c6f9c_JaffaCakes118
Size

146KB
MD5

47f2fdb1889cef6554221da9755c6f9c
SHA1

2dbc9ce97a99deda1cef5f296cdac4835180a422
SHA256

b5ae46422602a3422548ed39cabd839593517dd62869f3bae1507715a36ca600
SHA512

faced795f17a6d625474ca8660095220c3fcddd28f20f82f5568ef27f7ce8ac2655a413971e95dff45be54e906ad56076a5619f9ab423fbff34ba1fda46b4497
SSDEEP

3072:jRgnrXmGZPl+5jtkHnWAkaIjzYafTlvYvM5j6Nex:tCXzo5jtk2PzdxKMR6ex

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47f2fdb1889cef6554221da9755c6f9c_JaffaCakes118

Files

47f2fdb1889cef6554221da9755c6f9c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e3da7efbb68d382ab2299c71a2af49a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\efbbcRzxq\seJCxvskumlun\uozfTAbabpZjjx\rymjgvTAncuta\cdqdfcyYqPyl.pdb

Imports

user32

GetClassNameW
DrawEdge
GetDoubleClickTime
DefDlgProcW
keybd_event
CreateDialogParamW
ScrollWindow
DispatchMessageA
GetIconInfo
KillTimer
DragObject
PostMessageW
GetDCEx
GetKeyboardLayoutList
ShowCaret
GetDlgItemTextA
SetWindowPlacement
GetFocus
DrawTextA
CallWindowProcW
DialogBoxParamA
CopyAcceleratorTableW
CopyImage
CharNextExA
GetActiveWindow
BeginDeferWindowPos
GetWindowTextW
PostThreadMessageW
CreatePopupMenu
IsCharAlphaW

gdi32

CreateDIBSection
CombineRgn
CreatePalette
PtInRegion
CreateFontIndirectA
RectVisible
SetPaletteEntries
RectInRegion
GetClipBox
SelectObject
Polyline
GetTextFaceW

comctl32

CreateToolbarEx
ImageList_Remove
ImageList_LoadImageW
ImageList_GetIcon

ntdll

memset

msvcrt

exit

kernel32

DeleteFileA
FindFirstFileA
FindNextFileA
GetAtomNameW
lstrlenW
CompareStringW
GetVersionExW
lstrcmpiW
lstrlenA
GetStringTypeExW
GlobalSize
GetDateFormatW
SetHandleInformation
SetSystemTime
CreatePipe
SetCommTimeouts
GetTickCount

shlwapi

StrFormatByteSizeA
StrToIntA
PathSearchAndQualifyA
ChrCmpIA
UrlGetPartW
StrStrIA

Exports

Exports

?jlzIMKo@@YGPADIE@Z
?L_CBOZAOZ_TI@@YGPAKN@Z
?FJJKKfua@@YGJE@Z
?Tjb_p__piVTVNSxzc_p@@YGXPAGM@Z
?fsnr_ss_u@@YGPAXPAI@Z
?I_Ce_qxyl@@YGPAXPAJ@Z
?mrlxxVSSUUmtfqeA_@@YG_NPAI@Z
?HHCYIT_VMLT@@YGPAEM@Z
?_KM_IMS_Z_AEO@@YGFK@Z
?yjwQRJAKRWDGI_dbuqhu@@YGFPAG_N@Z
?Vs_u_v_mhMNBMYD___TD@@YGI_N@Z
?gzfndalgTD__SCN__@@YGIE@Z
?hsdi_sYITDVVV@@YGHHI@Z
?td_f_Y_WUOF__HLb@@YGEF@Z
?JONATHJD_OVSVdkEm@@YGPAEF@Z
?kj_i_d_@@YGPAHPAED@Z
?E_DYZD_Q_ITLT@@YGGDPAE@Z
?EPDB_BKQyyHDAE_AEQU_@@YGXKK@Z
?_dw_sieKRBFAX_S_LTVUA@@YGPAFPAD@Z
?itIJdtfdlynCGgwdlEO@@YGPAFNPAJ@Z
?Nks_p_j_wG@@YGNPAN@Z
?J_J_KYRAu_l_b_rjfjnbt@@YGPAIFPAE@Z
?FXEKTJXDBl___@@YGX_NPAK@Z
?_fLZH_MP_HV_CRDbpgxn@@YGDPA_NG@Z
?_ihw_M_BGXb___hrprollk@@YGGPAK@Z
?w_ZVFB_RHFZPA_H@@YGPAHK@Z
?i_rrlDGMUK_UGwms_AR@@YGDE@Z
?db_uc_fyu_tWMYOONC@@YGPANKPAD@Z
?weFDEJb_F__DICQtx_olQ@@YGXPANJ@Z
?thadfaWK_PZNJdrIL_@@YGXMD@Z
?_cs_r_kg_@@YGPAXG@Z
?s_voTznazjc_HMIK_K_@@YGPAK_N@Z
?TNPQ_Vv_n_i@@YGHF@Z
?Qqh_CLT_@@YGXPAI@Z
?MCN_CUkfzQIFZx_qcg@@YGHDPAE@Z
?gznpkubguaSPc_p@@YGJDF@Z
?soquNpofvf_jVBOXWC@@YGPAXPAHM@Z
?Z_EDCvgoeph_n_q_dfJ_@@YGNKD@Z
?_X_XF___GXldq@@YGGE@Z
?i_lNKXCympmm@@YGXK@Z
?f_nzhxu@@YGPAFF@Z
?R__R_LAV_jhC__BQPXFCAd@@YGPAMPAF@Z
?SQXfidw_@@YGEI@Z
?fjBqp_x_p_ynwDR@@YGGI@Z
?__IAL_A_VHMKJAXTX__NR@@YGPAMPAKF@Z
?Fn_fhdgt_wxM_Dha_avNHI@@YGPAKPAM@Z
?jokMTNUQBa@@YGXD@Z
?_HRI_GSGS__Eu@@YGPANG@Z
?wmnf__yb__Fbs@@YGIK@Z
?__povjhwUFBRPHBGFBJ_@@YGPAJG@Z
?__jyknb@@YGPADPA_NPAG@Z
?kGNYYVX@@YGPANPAI@Z
?yd_JXPtka@@YGPAEII@Z
?QTw_ji_x_bouie@@YGIPA_N@Z
?lAJKQYyc@@YGXPAK@Z
?vul_ibb_bjkut__xdukNW@@YGFPAKG@Z
?_l_sg__ei__paFLH@@YGPA_NPAIPA_N@Z

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icode
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3da7efbb68d382ab2299c71a2af49a1

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comctl32

ntdll

msvcrt

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.idata Size: 9KB - Virtual size: 8KB

.icode Size: 11KB - Virtual size: 11KB

.data Size: 34KB - Virtual size: 190KB

.rdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 84KB - Virtual size: 83KB

.idata
Size: 9KB - Virtual size: 8KB

.icode
Size: 11KB - Virtual size: 11KB

.data
Size: 34KB - Virtual size: 190KB

.rdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB