84caf2674a888aac0f8f649c467fa26f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84caf2674a888aac0f8f649c467fa26f_JaffaCakes118
Size

144KB
MD5

84caf2674a888aac0f8f649c467fa26f
SHA1

6a5927e751dd993a3814504851af3bc5602e5d00
SHA256

c4b180fd0bfc6fe098268d746e2945ff84eef1e13a18962804467a6f8ad4875b
SHA512

dcad034628b7202038dbfd12f37d5e0a41ea244d2b3ca88cef7caf310605c3425ab5c2e03f0f8171e9b1f9dce019c46b3ff2eef1e4778fc0f8c814ecbc0ffc13
SSDEEP

3072:8bBNtO8GAlAh24lzEkYLSDZcWczpIgx2t0zMsb9JkFqNIPTxFZQRRZ5:GBNtJtA0fLSl5czpLx2QMsE6IbLZQR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84caf2674a888aac0f8f649c467fa26f_JaffaCakes118

Files

84caf2674a888aac0f8f649c467fa26f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

41708011e2d9f3b504529acb7b3c2caa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\KsviBzYngwtoppjkp\idxDUoXDYreHYnZrlnnu\MfwpgxfoDpyejsjquc\thvbpGPcNeq\oozaeOOJctaDWAJeo\JxIioiyckGmzRhaeSqQX.pdb

Imports

ntdll

memset

kernel32

HeapValidate
SetFileAttributesW
DeleteFileA
FindFirstChangeNotificationW
LockResource
CreateFileMappingW
lstrlenW
MoveFileW
SetEvent
GetBinaryTypeW
SetHandleCount
GetTimeFormatA
lstrcmpiW
lstrcpynA
GetNumberFormatA
ConnectNamedPipe

gdi32

ExtFloodFill
GetPaletteEntries
RectVisible
SetBitmapBits
LineTo
ExcludeClipRect
GetROP2
CreateDiscardableBitmap
GetTextExtentPointA
SaveDC
ScaleWindowExtEx
PtVisible

comctl32

PropertySheetW
ImageList_GetIcon
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_Create

msvcrt

exit

user32

AppendMenuW
SendDlgItemMessageW
SetMenuItemBitmaps
RegisterClassA
CopyImage
DefFrameProcA
WindowFromPoint
UnloadKeyboardLayout
IsDialogMessageW
TranslateAcceleratorW
MessageBoxW
ShowScrollBar
CallWindowProcA
SetDlgItemInt
DrawStateA
CharUpperA
ValidateRect
GrayStringW
CharUpperBuffA
SetMenuItemInfoW
GetMenu
IsCharAlphaW
SetScrollInfo
SendInput
LoadCursorW
CreateMenu
CharLowerW
HideCaret
RegisterWindowMessageW

shlwapi

ChrCmpIA
PathSearchAndQualifyA
UrlGetPartW
StrToIntA

Exports

Exports

?juk_qhj_h@@YGKMM@Z
?ZElW_LcLD_kutd_Qqtjp@@YGXPAH@Z
?FI_Mtv_bh_k@@YGDFPAH@Z
?e_cXUyqujzS__KAC_KO@@YGPAFD@Z
?xvvb_fd_wyt_qet@@YGPAIE@Z
?s_ZDXSJAO_JMGuhpgO@@YGXMM@Z
?__UTFL_Jo@@YGMIG@Z
?jtt_bq_ZXJL@@YGPAKPAM@Z
?_f_G_I_J__QAY@@YGDE@Z
?opccmXK_HEmjk_xyIAMI_@@YGFMG@Z
?OHQP__s_qb_fxuVKEC@@YGHN_N@Z
?VPO_T_ZJmlk___ucrxLT_@@YGGJPAH@Z
?__djtdaM_C_XBAWKY@@YGXDPAE@Z
?fa_plz__QNOWRQZBIYSxpa@@YGPAEPANK@Z
?_Z___t_GD_KL_HACGRVOEO@@YGGD@Z
?TQG_IdI_RHFZlcx_z_sF@@YGJPAF@Z
?__upwx_c@@YGJH@Z
?by_bniui_ygf_a_pdk@@YGDG@Z
?QKH_y__p_ivz@@YGGPAH@Z
?Zq_wxfn_eI@@YGPAJDPAF@Z
?_Cbiujpwr_yr_c_wwtJO_P@@YGPAGPADF@Z
?J_GFJVXp_gindLN_B@@YGPAND@Z
?VKDND_uuQ_BNO_bb_z_o@@YGEKPAK@Z
?PBDMDN__BTFD_y@@YGME@Z
?cn_lo_hjtvYVN_Ah@@YGHD@Z
?TGHEbJFGNmhfmHDZ@@YGXKPAK@Z
?vV__RUGAJJ@@YGKPAK@Z
?HEFCNXT_mtOIIRXj_@@YGMPAD@Z
?D___LM_RCDIKL@@YGDI_N@Z
?_BGHNxqvaJM_JFVT_@@YGPAXJ@Z
?AUZ__Vb_oc_CX@@YGPAXIG@Z
?jw_eeHBvsz_yrYCKT@@YGPAGPAK@Z
?f_vtXP__WQ__ES_KH_rtp@@YG_NF@Z
?giev_j_alm_ujtocwiyy_@@YGKJ@Z
?vrusfXG_Rsv_o@@YGPAXPAFE@Z
?Y_PH_N_uJQqpFREB@@YGMPAJH@Z
?wbiuzQBUd_jv@@YGPAHE@Z
?LAI_IAEWZZHHWDAU_UZt@@YGGPADE@Z
?bc_xneu@@YGXD@Z
?SJUXWXG_wUL@@YGGE@Z

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41708011e2d9f3b504529acb7b3c2caa

Headers

File Characteristics

PDB Paths

Imports

ntdll

kernel32

gdi32

comctl32

msvcrt

user32

shlwapi

Exports

Exports

Sections

.text Size: 91KB - Virtual size: 91KB

.idata Size: 12KB - Virtual size: 11KB

.data Size: 34KB - Virtual size: 189KB

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 91KB - Virtual size: 91KB

.idata
Size: 12KB - Virtual size: 11KB

.data
Size: 34KB - Virtual size: 189KB

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB