6859a68742eb401177ae4f626a97b913_JaffaCakes118 | Triage

Sharing

General

Target

6859a68742eb401177ae4f626a97b913_JaffaCakes118
Size

137KB
MD5

6859a68742eb401177ae4f626a97b913
SHA1

979e13d8f75156484a92804e7ef3947f42513dfb
SHA256

b6a8967032009064a860d26e06ffdd75e9235aeba64b91861bba0176e2038f19
SHA512

febcde2f84317e82ea0f827a8eae48ce583ca777751dff2df059b9a7261676cb35084cc6bcb284e0345ebaa443b49e6231f08154e958c22557e9c52118209b1f
SSDEEP

3072:qUHaLMQT8nBF270/WKnjNafKZNZrvbkDjqU4Jg+DHtHAPfjLnrw9y4M:vHUnT8BsgWKnjNafsZLb8jd4JgkGf3rE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6859a68742eb401177ae4f626a97b913_JaffaCakes118

Files

6859a68742eb401177ae4f626a97b913_JaffaCakes118
.exe windows:5 windows x86 arch:x86

036c22ff8ed717f15da250823215d3dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\vkwTMxv\EeufpftpCnDtZ\YifFWbusYlY\Duhapdi.pdb

Imports

shlwapi

UrlEscapeA
ChrCmpIW

user32

SetDlgItemTextW
GetMenuItemRect
ShowScrollBar
PostMessageA
RemoveMenu
GetPropW
LoadImageA
GetForegroundWindow
KillTimer
LoadIconW
TranslateMessage
SendMessageW
wsprintfW
MapDialogRect
DestroyMenu
IsCharAlphaW
IsCharUpperW
GetWindowDC
IsMenu

gdi32

CreateBitmapIndirect
RealizePalette
RestoreDC
RectInRegion
CreateSolidBrush
SetBitmapDimensionEx

kernel32

GetModuleFileNameA
LoadLibraryA
lstrlenA
LoadLibraryExA
QueryPerformanceCounter
lstrcpyA
LoadLibraryW
GetDateFormatW
LockResource
IsDBCSLeadByte
GetModuleHandleW
GetFileAttributesExW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
bsearch
_initterm
_ismbblead
_XcptFilter
_exit
strlen
_cexit
realloc
isdigit
__setusermatherr
__getmainargs

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyz
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 106KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE