8c4dbeb3ea0f6993d503fe2e5c6d8391_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c4dbeb3ea0f6993d503fe2e5c6d8391_JaffaCakes118
Size

33KB
MD5

8c4dbeb3ea0f6993d503fe2e5c6d8391
SHA1

92ae90e0c47b960c6c9b4fe79ce902473b0f5c7e
SHA256

3b60c98f688d478ac57916c230d20987a255e1426e39b12b847c5414aa01dc62
SHA512

5d76c0c2ac77d1c7e8c050ae2e91758a5dd3b778dfeba72b4baec5cbfa89ede85b55d9316539d4409d3476bd5c59bab69ab91ba974282145189192baa0d326af
SSDEEP

768:E9MZn0XXsUvLi/DEWVvCc4jMA+hxOX9Mu3wgi0JO/UF/EXsC4:HE8ILuDnvr4jjEgNMqwgDJHg4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Update.Pdf______________________________________________________________________.exe

Files

8c4dbeb3ea0f6993d503fe2e5c6d8391_JaffaCakes118
.zip
Update.Pdf______________________________________________________________________.exe
.exe windows:5 windows x86 arch:x86

c7749f6f9bc547345e41d839bb655235

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\DnjbJ\tsBch\emHe.pdb

Imports

user32

LoadStringA
OemToCharA
OemToCharBuffA
EndDialog
DestroyAcceleratorTable
SetForegroundWindow
GetKeyState
SetScrollInfo
WindowFromPoint
DrawTextW
DrawStateA
ChangeMenuW
UnloadKeyboardLayout
GetDialogBaseUnits
IsCharAlphaW
AdjustWindowRectEx
GetMessageW
GetDCEx
GetFocus
DrawTextA
GetWindow
GetClassInfoExW
IsCharAlphaNumericW
LoadCursorW
SetWindowLongA
DialogBoxIndirectParamA
wvsprintfW
BringWindowToTop
CreateIconFromResource
LoadBitmapW

shlwapi

StrCmpNW
UrlGetPartW
StrSpnW
UrlUnescapeA

gdi32

PatBlt
GetBitmapBits
OffsetViewportOrgEx
OffsetRgn
PolyBezier
StretchDIBits
CreateCompatibleDC
Polyline
CreateFontW
BeginPath
SelectPalette
EnumFontFamiliesExW

kernel32

LockFile
GetCommTimeouts
SetFilePointer
EnumResourceTypesA
lstrcatA
SetSystemTime
GlobalFlags
EnterCriticalSection
LCMapStringA
GetCurrentProcessId
SetSystemTimeAdjustment
lstrcmpiW
SetLastError
GetTimeFormatA
GlobalGetAtomNameA
GetOverlappedResult
GetStdHandle

comctl32

CreatePropertySheetPageW
PropertySheetW
ImageList_Destroy
ImageList_Create
ImageList_AddMasked

Exports

Exports

?___GITDXyfb_@@YGFF@Z

Sections

.text
Size: 26KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7749f6f9bc547345e41d839bb655235

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

gdi32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 61KB

.data Size: 2KB - Virtual size: 1KB

.sdata Size: 2KB - Virtual size: 2KB

.rdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 13KB - Virtual size: 16KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 26KB - Virtual size: 61KB

.data
Size: 2KB - Virtual size: 1KB

.sdata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 13KB - Virtual size: 16KB

.reloc
Size: 1KB - Virtual size: 1KB