77cbbca3609d638ea324e27bb811796c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

77cbbca3609d638ea324e27bb811796c_JaffaCakes118
Size

113KB
MD5

77cbbca3609d638ea324e27bb811796c
SHA1

750aade96630428945cd04503947f7f1d4cccc6f
SHA256

2599ecd5c4dc6c8fe15f9f61548013f64ff9ba76cff836f4ed86efd2bbc73c97
SHA512

581f4e7747b291223325480ddd8a08c17c819bf75dfd12bca4d6a54627988c5cc8a2d5a9045137ba630dac9021b0c96ec000f14b5fa34113ccb1a49b372d98da
SSDEEP

1536:alnRaAfsW4EdmxiDtAg0irci3hnCsnTQQ6ncvo6naks8sGAghXCpyjc:cRaE4xxOtWirc4cYQcA6na/MhXhjc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77cbbca3609d638ea324e27bb811796c_JaffaCakes118

Files

77cbbca3609d638ea324e27bb811796c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5c73b2dec10653704f10787e17aafd49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\zkEh\qfmo\nbpu.pdb

Imports

shlwapi

StrCmpNW

user32

GetActiveWindow
DefFrameProcA
GetPropW
FindWindowA
IsCharUpperA
GetWindowLongW
AllowSetForegroundWindow
ShowScrollBar
SetWindowLongW
DrawFocusRect
GetDC
GetCursorPos
SetDlgItemInt

comctl32

ImageList_GetIcon
InitCommonControlsEx
CreateToolbarEx

gdi32

RealizePalette
CreateBitmapIndirect
SetBitmapDimensionEx
StartPage
CreateDCW
CreateEllipticRgnIndirect
ScaleWindowExtEx

kernel32

lstrlenW
IsBadWritePtr
EnumResourceTypesA
QueryPerformanceCounter
SetErrorMode
CreateWaitableTimerA
GlobalDeleteAtom
GetTempFileNameW
VirtualFree
lstrcmpiW
GetProcAddress
LoadLibraryW
FindFirstFileW

Exports

Exports

?srttDprFVdGfCGuimlgJzi@@YGPAMK@Z
?eOlqikvad@@YGXF@Z
?dasuhqCvahdkdk@@YGPAHPAG@Z
?fwfgGbjVoxg@@YGNPANPAF@Z

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c73b2dec10653704f10787e17aafd49

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

comctl32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 204B

.temp Size: 75KB - Virtual size: 75KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 17KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 204B

.temp
Size: 75KB - Virtual size: 75KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 2KB