892a0db4d394442b652fd970054ba4d2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

892a0db4d394442b652fd970054ba4d2_JaffaCakes118
Size

224KB
MD5

892a0db4d394442b652fd970054ba4d2
SHA1

52571fd6596343a2b1bcbf5da79e25923794e4cf
SHA256

89f0686ff14bffb9233b74f12f07b8208e4b0b1194464ca7f45a4b4f0a9f981b
SHA512

c3c4d7e039c9a77d138c3c27034a1d6257e06cda052c8dd53d6780d3bb3ad5a7f9502877f6ce54fb1b82b92b40d732530d764d7e30f7d9118e5819b4cebcd551
SSDEEP

6144:otY99mfR96Z3qpjoX86vvOIaPKCfKkUKO5uGQYhgNlJk:o6uf/6QjOFaPW5LWYePJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
892a0db4d394442b652fd970054ba4d2_JaffaCakes118

Files

892a0db4d394442b652fd970054ba4d2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6aaff507133a431e9dcaf9bddae08429

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\EBrtbuanmEVNsdBoIa\dycgfvyjpdwvexanBw\tjyjcdarciEDwXrLk\QSlszLqtbgvEoc\gfWsqxxmlVljqup\rhaYpktXomZmelvdyBhM\pgcjKmDoqqltUvQLgrxZ.pdb

Imports

gdi32

SetViewportOrgEx
GetTextExtentPointA
EnumFontFamiliesW
CreateCompatibleDC
CreatePalette
SaveDC
DeleteObject
CreateFontIndirectA
TranslateCharsetInfo
CreateBrushIndirect
SetPaletteEntries
UnrealizeObject
DeleteDC

comdlg32

ChooseFontW
PrintDlgW
FindTextW
CommDlgExtendedError
PageSetupDlgW

kernel32

SetTimerQueueTimer
GetProcessHeap
GetModuleHandleW
LocalLock
GetWindowsDirectoryA
WaitForMultipleObjects
TerminateThread
UnmapViewOfFile
FindResourceExW
MulDiv
GetFileTime
OpenFileMappingA
RaiseException
HeapFree
HeapAlloc
GetCurrentThread
CreateEventW

comctl32

ImageList_GetIconSize
ImageList_Destroy
ImageList_Remove

shlwapi

StrChrNW
StrCpyNW

user32

GetSystemMenu
CreateDialogParamW
LoadCursorA
ToUnicodeEx
EnumChildWindows
DestroyCaret
RegisterWindowMessageA
DrawIconEx
SetMenuDefaultItem
MapVirtualKeyExW
SetWindowLongA
EnableWindow
CheckDlgButton
GetFocus
DialogBoxParamA
GetActiveWindow
PostThreadMessageW
LoadBitmapA
GetDlgCtrlID
SetPropW
SetWindowTextW
GetMenuStringA
GetMenuItemInfoW
MapDialogRect
FillRect
CallWindowProcA
InvalidateRgn
CreateIconFromResource
GetWindowPlacement

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aaff507133a431e9dcaf9bddae08429

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

kernel32

comctl32

shlwapi

user32

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 70KB - Virtual size: 70KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 36KB - Virtual size: 203KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 70KB - Virtual size: 70KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 36KB - Virtual size: 203KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB