727dff5e2321172a24de35076a6b602c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

727dff5e2321172a24de35076a6b602c_JaffaCakes118
Size

112KB
MD5

727dff5e2321172a24de35076a6b602c
SHA1

a93e7402b7481523d1c81fe2acb13d1da2bb3f89
SHA256

203060a2300b1a809aa1e1677de0d4eb59481c3a1f3f8dc8f31dae537919200f
SHA512

b80265d0451119a22a7ffb850682e00410931135822e45b25db7f4d92f5b850aa5e229e14fe990715bf4976db6fc6b49ad3079302b4195c4187e18218f56bd7b
SSDEEP

1536:F3J8emkaL/dISzQeyA9pMs6JwZAyJOILR6rDC9GUemk46TJb0aAgOuu:X8ehSzQQWEYikmkxZ0qOuu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
727dff5e2321172a24de35076a6b602c_JaffaCakes118

Files

727dff5e2321172a24de35076a6b602c_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2bef78cab8569834cf131fd0b5fe5f2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\gjdroka\ttxgpuk\dsqGl.pdb

Imports

user32

OpenInputDesktop
GetClassLongA
ShowScrollBar
wsprintfA
GetPropW
InternalGetWindowText
GetScrollInfo
RegisterClassExW
GetUpdateRgn
GetScrollRange
LoadStringW
IsCharUpperA
GetWindowLongW
SetWindowPlacement

kernel32

GlobalFree
DeleteFileW
SetThreadContext
GetProcAddress
GetSystemDirectoryA
LoadLibraryW
GetPriorityClass
GetStartupInfoW
LocalLock
lstrlenW
lstrcmpiW
ResumeThread
GetTempFileNameA

gdi32

GetTextExtentExPointW
PolyBezier
SetROP2
GetDeviceCaps
CreateHatchBrush
LineTo
CreateFontIndirectA
CreateCompatibleDC

comdlg32

ChooseColorW
PrintDlgW
PrintDlgExW
CommDlgExtendedError

comctl32

CreateStatusWindowW
ImageList_GetImageCount
PropertySheetA

shlwapi

StrCmpNW

Exports

Exports

?vptyceDzPshulkZgW@@YGEGF@Z
?Ntnxanjywoyo@@YGPAXGPAE@Z
?RDJqtpFsasaEtiohrcNZda@@YGPAD_NE@Z
?qzozoAtaw@@YGXPAEPAH@Z

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bef78cab8569834cf131fd0b5fe5f2e

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

comdlg32

comctl32

shlwapi

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 212B

.temp Size: 75KB - Virtual size: 75KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 212B

.temp
Size: 75KB - Virtual size: 75KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 2KB