6a49d0b9c70cab688bc49d540112b555_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6a49d0b9c70cab688bc49d540112b555_JaffaCakes118
Size

123KB
MD5

6a49d0b9c70cab688bc49d540112b555
SHA1

a728fbf450d7a0266223f8ba597a041bfae12be8
SHA256

f1edb14af8fcb03ef2b4f6202f190e0ebbc6987e5d86fd12cf7565f30a870346
SHA512

2b5c0451854cd915bb7f992639ce7904a8f8b5630150fe2c41b2ccba02570d5940986f1e7641cfceaaf6592c437f51d314ed1574e7ade951add0ac1ba5ec0e8f
SSDEEP

1536:Pqq85+50vqf/FhSNQweT5flLUnSPZItk0rOWMSQl7LTVcps+L16jHWcisM9bcovy:kA2vlQJflLUnOBLlcd67ibTvSkR2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a49d0b9c70cab688bc49d540112b555_JaffaCakes118

Files

6a49d0b9c70cab688bc49d540112b555_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8ab6447bc08c30968079d125482655e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\DetTvdgkIhxbKZa\zblBlBwJzwUpQtxtbazrW\fpdaezeyQEplLacjhitJ\uJFiDqBfbvjf\LymUydbhRmQnoeQqMqsu\MuRhrzdtvRpKTMGev\ZcTdbNvbWhVGHwcHhnDrFJ.pdb

Imports

ntdll

RtlInitAnsiString

kernel32

LoadResource
GlobalMemoryStatus
TransactNamedPipe
SizeofResource
CreateNamedPipeW
GetExitCodeThread
FileTimeToSystemTime
FindNextFileA
CloseHandle
lstrcpynW
WinExec
GetBinaryTypeW
FindFirstFileW
LocalReAlloc
CreateFileMappingW
SetCommState

comdlg32

FindTextW
PrintDlgExW
ChooseFontW

gdi32

GetTextMetricsA
SetBitmapDimensionEx
GetRgnBox
CreateDIBitmap
StartDocW
GetNearestColor
CreateDCW
GetSystemPaletteUse
GetROP2
UnrealizeObject
CreateHatchBrush
SetLayout
Escape
MoveToEx
CreateEllipticRgnIndirect

user32

GetMenuState
GetClassInfoA
EndDialog
GetDC
InvertRect
GetMessageTime
SendDlgItemMessageA
PostQuitMessage
CharToOemBuffA
SetRectEmpty
ModifyMenuW
GetMenuItemInfoW
CopyImage
OpenIcon
IsWindow
IsDialogMessageW
DispatchMessageA
GetMessageA
DrawStateA
SetSysColors
SetMenuItemInfoW
GetMonitorInfoW
SendDlgItemMessageW
TrackPopupMenu
BeginDeferWindowPos
DrawMenuBar
GetMessageW
GetNextDlgTabItem
AdjustWindowRect
SetDlgItemTextW
AdjustWindowRectEx
AllowSetForegroundWindow

Exports

Exports

?IDkjdkLUdojLKDUoduiduiuds@@YG_KKDEH@Z

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ab6447bc08c30968079d125482655e9

Headers

File Characteristics

PDB Paths

Imports

ntdll

kernel32

comdlg32

gdi32

user32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: - Virtual size: 136KB

.data Size: 38KB - Virtual size: 37KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: - Virtual size: 136KB

.data
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB