5a0d049b29a9b6ebcb38a608497e0dbb_JaffaCakes118 | Triage

Sharing

General

Target

5a0d049b29a9b6ebcb38a608497e0dbb_JaffaCakes118
Size

174KB
MD5

5a0d049b29a9b6ebcb38a608497e0dbb
SHA1

411f12c079626edea7ac9c5bd7e13b8c63df5dea
SHA256

cd7676da552093665fa916d9412a9aaca05024f5ea3801ed11697906a796c27d
SHA512

0de42537882d956d6f481978ac6c7eda59e9eb5fa4f40f0f235f5fc5c5effe418fe49b8f799ad3b5995b18a02710914561f01f923d7ea86331ef4cf507330a48
SSDEEP

3072:W0s00T8UBb3NIGbVcnk4TGIS1nvxONJdvdxUHe8kroN7TbLFh6Pqg1EDvoDU:jszT8M7bcZ1SRxOhMeJO7XLbwqKEDvoY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a0d049b29a9b6ebcb38a608497e0dbb_JaffaCakes118

Files

5a0d049b29a9b6ebcb38a608497e0dbb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

036c22ff8ed717f15da250823215d3dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\vkwTMxv\EeufpftpCnDtZ\YifFWbusYlY\Duhapdi.pdb

Imports

shlwapi

UrlEscapeA
ChrCmpIW

user32

SetDlgItemTextW
GetMenuItemRect
ShowScrollBar
PostMessageA
RemoveMenu
GetPropW
LoadImageA
GetForegroundWindow
KillTimer
LoadIconW
TranslateMessage
SendMessageW
wsprintfW
MapDialogRect
DestroyMenu
IsCharAlphaW
IsCharUpperW
GetWindowDC
IsMenu

gdi32

CreateBitmapIndirect
RealizePalette
RestoreDC
RectInRegion
CreateSolidBrush
SetBitmapDimensionEx

kernel32

GetModuleFileNameA
LoadLibraryA
lstrlenA
LoadLibraryExA
QueryPerformanceCounter
lstrcpyA
LoadLibraryW
GetDateFormatW
LockResource
IsDBCSLeadByte
GetModuleHandleW
GetFileAttributesExW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
bsearch
_initterm
_ismbblead
_XcptFilter
_exit
strlen
_cexit
realloc
isdigit
__setusermatherr
__getmainargs

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyz
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 143KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE