4db90e4ec29d61e276b8a5e9deb833b5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4db90e4ec29d61e276b8a5e9deb833b5_JaffaCakes118
Size

149KB
MD5

4db90e4ec29d61e276b8a5e9deb833b5
SHA1

75baf568a56fa351e67095a3cdcc6412349e0a4c
SHA256

68d079b9b6d7e3262544be056216d598974dd6f74dc6583af99df1b77462a911
SHA512

bafb996b9302efb79e95cb31604e55900e38d17e57381536e839552eed6679f8956dbfd6a052d2c5a5103604b4af67cf3e34ba1bdf544ae000a16885f9408732
SSDEEP

3072:LHTYGWthYjcyJIeVu5XE99cOz06dZxQSpRfcLuPK:zcIj72RIBzBLxVplcL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4db90e4ec29d61e276b8a5e9deb833b5_JaffaCakes118

Files

4db90e4ec29d61e276b8a5e9deb833b5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d3cbf0ed41b87730cad072c120e2bce1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\dhDtgjtwfdBbSNKhH\beVsHvoZeBcPenKFz\ierhnqnhyliJof\NmQuXgkhsuB\OhuNvMiLoVtw\haongccytPStydabcvnJf.pdb

Imports

shlwapi

StrChrNW
StrCpyNW

user32

ArrangeIconicWindows
mouse_event
CreateWindowExW
HideCaret
LookupIconIdFromDirectory
WaitForInputIdle
VkKeyScanW
SetRect
CallWindowProcW
GetWindowLongW
GetClientRect
LoadIconW
GetMonitorInfoW
GetMessagePos
InvalidateRect
SetForegroundWindow
CallWindowProcA
GetClassNameW
SetScrollRange
MapWindowPoints
MonitorFromPoint
GetDlgItem
EnumWindows
GetFocus
GetMenu
TranslateAcceleratorA
GetMenuItemID
IsZoomed

kernel32

GetWindowsDirectoryA
lstrcpynA
DefineDosDeviceW
GetFileType
MapViewOfFile
GetComputerNameExW
GetModuleHandleW
GetStartupInfoW
LockResource
RegisterWaitForSingleObject
LeaveCriticalSection
WaitForMultipleObjectsEx
lstrcatA
HeapFree
HeapAlloc
GetSystemDefaultLangID
GetProcessHeap
FindResourceExW
ReleaseSemaphore

comctl32

CreatePropertySheetPageA
PropertySheetA
ImageList_Write
ImageList_GetIconSize

gdi32

CreatePenIndirect
GetBkMode
SetAbortProc
GetTextExtentPointA
SaveDC
RestoreDC
SetStretchBltMode
CreateBitmapIndirect
GetDIBits
ExtFloodFill
CreateRectRgn
WidenPath

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3cbf0ed41b87730cad072c120e2bce1

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

kernel32

comctl32

gdi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 44KB - Virtual size: 43KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 22KB - Virtual size: 130KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 44KB - Virtual size: 43KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 22KB - Virtual size: 130KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB