48c2f54098effc088b4eedf116e85fbd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

48c2f54098effc088b4eedf116e85fbd_JaffaCakes118
Size

120KB
MD5

48c2f54098effc088b4eedf116e85fbd
SHA1

9e8f40c762d0c578fbd8082fbda4e001af6a883c
SHA256

66f414c222a92b414e5109ed9998810336fc08fbd8b0ac4bde4219c56e6eb080
SHA512

f1e3f1718650a5574f39c0c33760558cf01675baf9b095f8bfd5b31d0c92a8d9f94606fd3a731fc954147f15fb2a0914c409ee4b33a6759daf8e11e8d0ebd8a6
SSDEEP

1536:WBHk4X+19m1jsQIqCQlCd7InQp+Z+3QgGL/4+glYInZtHylwHzkr6xSTcnrK7BQl:GI1XHHSQcUalwHKrIWBJy1/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48c2f54098effc088b4eedf116e85fbd_JaffaCakes118

Files

48c2f54098effc088b4eedf116e85fbd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5cf9f8e6ec59e09a56a9de95d96b3472

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\XmhruSYq\uzft\cutdym.pdb

Imports

gdi32

GetDIBits
EndPath
CreateSolidBrush
GetTextAlign
CreateBitmap
CreateEllipticRgnIndirect

user32

AppendMenuW
GetWindowPlacement
DestroyIcon
ChangeMenuW
GetCursorPos
AdjustWindowRectEx
ShowScrollBar
SystemParametersInfoA
CharUpperBuffW
WaitMessage
GetMenuState
EnableScrollBar
GetDlgItemInt
RegisterWindowMessageA

shlwapi

UrlGetPartA
ChrCmpIA

comdlg32

GetFileTitleW
PageSetupDlgW
ChooseFontW

kernel32

LoadResource
GetFileInformationByHandle
GetTickCount
SetMailslotInfo
CreateMailslotW
RaiseException
lstrcpyA
SetThreadExecutionState

Exports

Exports

?irazfyqk@@YGIEJ@Z
?FTFF_ABWhuwvgoy_J_Q__Q@@YGDHPAI@Z
?kbbdi_iq_u@@YGGPAFI@Z
?_pkp_yyqdo_vg__@@YGEFM@Z
?_s_jnKUjU@@YGKE@Z

Sections

.text
Size: 46KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idat
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pacdat
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cf9f8e6ec59e09a56a9de95d96b3472

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

shlwapi

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 166KB

.data Size: 20KB - Virtual size: 20KB

.idat Size: 11KB - Virtual size: 10KB

.rdata Size: 22KB - Virtual size: 22KB

.pacdat Size: 10KB - Virtual size: 9KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 46KB - Virtual size: 166KB

.data
Size: 20KB - Virtual size: 20KB

.idat
Size: 11KB - Virtual size: 10KB

.rdata
Size: 22KB - Virtual size: 22KB

.pacdat
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB