8965c78a94fa70985f302d42bf482513_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8965c78a94fa70985f302d42bf482513_JaffaCakes118
Size

146KB
MD5

8965c78a94fa70985f302d42bf482513
SHA1

c7f98f14f30e9b358d85de24f042a309ed27ce83
SHA256

d7ad4608d1af515db965612f0865c44205d6c8bbc139f3daea6b70f1102e7fd4
SHA512

fa252c71ba1269caf6448c959b7d4eb672493f8853765ed6893bd201d5424a6565c19d5caa5f4f0d654d68e7eb429c2fd78cea9247455e272db580ae5a05ccc5
SSDEEP

3072:/iPe8MjJ7tgjhfiS0Qany61jeh4IX+/Fo3GsH4oxzTfTe3dZ2A:/fjJ+ViS3CCtb3ftxzrTe3dE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8965c78a94fa70985f302d42bf482513_JaffaCakes118

Files

8965c78a94fa70985f302d42bf482513_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7039ef64af45412ddd8a28789907e21e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\yleKLwft\jsqGGQij\zopu.pdb

Imports

user32

ChildWindowFromPoint
SetRectEmpty
PostMessageW
MapVirtualKeyW
DestroyIcon
CharToOemBuffA
SwitchToThisWindow
MessageBoxExA
CharLowerW
LoadStringW
AttachThreadInput
BeginDeferWindowPos
DrawTextA
GetClientRect
GetParent
CreateDialogParamW
CopyImage
DrawFrameControl
DrawStateW
CallWindowProcA
SetScrollInfo
CharUpperBuffA
BeginPaint
DestroyMenu
GetSystemMetrics
SetScrollPos
EndPaint
IsRectEmpty
SetRect
IsChild

ole32

OleInitialize
OleUninitialize

kernel32

FileTimeToLocalFileTime
GetStdHandle
GetFileTime
QueryDosDeviceW
IsValidLocale
CreateWaitableTimerA
UnmapViewOfFile
SetCurrentDirectoryW
FlushViewOfFile
GetStartupInfoA
OpenFileMappingA
DeleteCriticalSection
GetCommandLineW
CreateSemaphoreW
CreateMutexA

gdi32

EndDoc
SetPixel
Polygon
CreateICW
RectInRegion
GetTextAlign
SetDIBitsToDevice
CreateCompatibleBitmap
EndPath
ExcludeClipRect
EnumFontFamiliesW
Rectangle
CreateBrushIndirect

comdlg32

FindTextW
ReplaceTextW
GetOpenFileNameA
GetSaveFileNameA

Exports

Exports

?bybqdaxrwRFOMEc_r@@YGMPAJ@Z
?vsnwApcpmkvpb@@YGFPAD@Z
?cjSARPQqjqoe_uyq_vyb_@@YGPA_NPAK@Z

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7039ef64af45412ddd8a28789907e21e

Headers

File Characteristics

PDB Paths

Imports

user32

ole32

kernel32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 21KB - Virtual size: 21KB

.mdata Size: 11KB - Virtual size: 115KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 21KB - Virtual size: 21KB

.mdata
Size: 11KB - Virtual size: 115KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB