8c7b0e59b693de2dc83fc46064c86583_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c7b0e59b693de2dc83fc46064c86583_JaffaCakes118
Size

96KB
MD5

8c7b0e59b693de2dc83fc46064c86583
SHA1

e5b675ce92a31bf7a39eec266e5bbb025ae32d81
SHA256

d28c3e646bffc4a12cc1049c783727e04994d047ddeb77a6bb528604ad3d3102
SHA512

cf29cf1d294837d3650d0df3728031dd42900c6939ec16d1b5e66a69aee0c6be0db0f5a2ce956a11110414e8eb84c886ad48f8574931e5b900566c364ce9b612
SSDEEP

1536:4EJq+bch1NZMLTBbaYbwZK1ah4Uu2oo2IO3zKg5VmunlxY1FPOc50o2wmoxzC:4EJq+bcHnSTNaYc4ah4URmGgPlmPOqmJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c7b0e59b693de2dc83fc46064c86583_JaffaCakes118

Files

8c7b0e59b693de2dc83fc46064c86583_JaffaCakes118
.dll windows:5 windows x86 arch:x86

27f1b0650fb8c3e66882441843e60b16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\yuhojUDYA\bbaqzjd\GpeLmTSWr\yllbbehjpSy\wzlaopovcxtgBt.pdb

Imports

gdi32

EndDoc
CreateRectRgn
UnrealizeObject
GetClipBox
GetDIBits
GetRgnBox
CreateFontIndirectA
MoveToEx
TranslateCharsetInfo
FillRgn
Polygon
SetLayout
SetPaletteEntries
GetPixel
CombineRgn
EnumFontFamiliesExW
GetTextMetricsA
TextOutA
GetDeviceCaps

kernel32

GetModuleHandleA
DisconnectNamedPipe
GetWindowsDirectoryA
OpenFileMappingA
HeapValidate
GetTickCount
LCMapStringA
ReleaseSemaphore
IsValidLanguageGroup
WriteFile
GetCommModemStatus
DeleteCriticalSection
EnumResourceNamesA
GetProcAddress
GetWindowsDirectoryW
FindNextFileA
GetACP
CancelIo
SetCurrentDirectoryW
GetTempPathA
LoadLibraryW
FindFirstChangeNotificationW
FoldStringW

shlwapi

ord29
StrToIntExA

msvcrt

sprintf
_controlfp
ungetc
swprintf
__set_app_type
__p__fmode
__p__commode
wcscat
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
fprintf
_XcptFilter
_exit
isalpha
_cexit
iswdigit
isxdigit
strstr
islower
fwrite
ftell
__setusermatherr
__getmainargs
strtoul

user32

DrawAnimatedRects
SetScrollPos
GetSystemMenu
FindWindowExA
ReplyMessage
CharUpperBuffA
DestroyIcon
EnumChildWindows
OpenInputDesktop
GetClassInfoExW
CharLowerW
TrackPopupMenu
SendMessageW
GetIconInfo
IsCharAlphaNumericW
CreateCursor
WaitMessage
LoadStringA
DefWindowProcA
CopyRect
GetScrollPos
SetTimer
IsCharUpperA
SetMenuDefaultItem
wsprintfW
GetClipCursor
IsCharAlphaW
IsCharLowerA
IsDlgButtonChecked
SetLastErrorEx
SendNotifyMessageW
ShowOwnedPopups
GetMenuItemInfoW
OemToCharA
LoadCursorA
CheckMenuRadioItem
InSendMessageEx
EndDialog
CreateWindowExA
GetDlgItem
InflateRect
InSendMessage
RegisterWindowMessageA
GetKeyState
GetDlgCtrlID
IsWindow
CreateIconFromResource
InvalidateRgn

Exports

Exports

?DecrementProjectNew@@YGHPA_N~U
?CancelModuleNew@@YGFHPAGJM~U
?ModifyCharExW@@YGPANGPAK~U
?InstallExpressionExW@@YGEIPAN~U
InstallU
?DecrementHeaderA@@YGKMPAEHM~U
PluginCommand
PluginMain
?EnumFullNameNew@@YGPAFPAKEM~U
?GetSectionExW@@YGF_N~U
?ModifyFolderA@@YGPAGDPAGPAGJ~U
?InsertStateExW@@YGPAGEFJ~U
?LoadWindowInfoNew@@YGPAMGPAGMD~U
?FindSemaphoreA@@YGKIPAKEJ~U
PluginName
PluginType
PluginVersion
WSPStartup
?DumpDigitalDataCBhJEB@@YGKGHE@Z

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tidat
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tedat
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.alloc
Size: - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27f1b0650fb8c3e66882441843e60b16

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

shlwapi

msvcrt

user32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.init Size: 1024B - Virtual size: 528B

.tidat Size: 3KB - Virtual size: 2KB

.tedat Size: 1024B - Virtual size: 851B

.rdata Size: 512B - Virtual size: 232B

.data Size: 2KB - Virtual size: 2KB

.alloc Size: - Virtual size: 79KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 20KB

.init
Size: 1024B - Virtual size: 528B

.tidat
Size: 3KB - Virtual size: 2KB

.tedat
Size: 1024B - Virtual size: 851B

.rdata
Size: 512B - Virtual size: 232B

.data
Size: 2KB - Virtual size: 2KB

.alloc
Size: - Virtual size: 79KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 2KB - Virtual size: 2KB