95ddb85a1d1ff0315ffa782a04b10d1d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

95ddb85a1d1ff0315ffa782a04b10d1d_JaffaCakes118
Size

159KB
MD5

95ddb85a1d1ff0315ffa782a04b10d1d
SHA1

572d7b04a54a1bce0c855a48f1da283462a5dd1c
SHA256

1fd83b590b120ef1a9043ea24f9d4281e2f0ed6c078ebbd0d14f43fcce234428
SHA512

f50487e714a4ca5648b198347ce0b709ff6a52f4b1f0fcc37b5504ac515f3362c50ce487601798739658d4f54f5fc48f106b3b5f5d581a3b5b4f0cbf460ae7f6
SSDEEP

3072:1Mi9fypMurQH0TKuTdpXZpoxisvjBsVhGLfhnd6lb9V6F6j8vAm5uo0:1Ms4muTdpppwXjB8hUklJAF660

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95ddb85a1d1ff0315ffa782a04b10d1d_JaffaCakes118

Files

95ddb85a1d1ff0315ffa782a04b10d1d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f628e03c917e9b31d6705247814e571b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\yRoz\rixZiFm\YwOOiata\jhghnym\hwdmm.pdb

Imports

shlwapi

StrToInt64ExW

gdi32

SetViewportExtEx
AddFontResourceW
GetStockObject
BeginPath
SetStretchBltMode
DeleteDC

kernel32

GetShortPathNameW
GetTickCount
ExitThread
TlsGetValue
GetLocaleInfoA
GetWindowsDirectoryW
MapViewOfFile
GlobalHandle
GetCurrentProcessId
SizeofResource
ExitProcess
GetConsoleWindow

user32

GetKeyboardLayoutNameA
IsDialogMessageW
GetTopWindow
IsDialogMessageA
GetMessageTime
SendMessageA
CreateDialogParamW
GetWindowTextLengthW
InternalGetWindowText
GetMenuItemID
EnumWindows
GetNextDlgGroupItem
InSendMessageEx

Exports

Exports

?V_DJ__Doz_j_@@YGPANEPAF@Z
?BBHCLQZ__TGH@@YGPADD@Z
?cbcs___yPDS_EDB_XB@@YGJJ@Z
?km_gSHWw@@YGIPAD@Z
?QYRS_EIPYDNmsndYSD_A@@YGF_N@Z
?_KBY_WGQ@@YGDF@Z
?b_cw_wkqwprts_T_T__@@YGIPAJPAD@Z
?YIFUJLj_r_n_IJ@@YGPAXPAI@Z
?kjjsfpEB__YSp___vx_rC_@@YGPAXPAKK@Z
?NP_O_BkgxXNMr__@@YGFKF@Z
?vvr_jue_jy__EB@@YGNK@Z
?SS_UAXmq_a_bvx@@YGGHG@Z
?L_NNFSZYg@@YGXIE@Z

Sections

.text
Size: 53KB - Virtual size: 385KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pacdat
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f628e03c917e9b31d6705247814e571b

Headers

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 385KB

.data Size: 31KB - Virtual size: 31KB

.rdata Size: 31KB - Virtual size: 30KB

.idat Size: 16KB - Virtual size: 15KB

.pacdat Size: 16KB - Virtual size: 15KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 385KB

.data
Size: 31KB - Virtual size: 31KB

.rdata
Size: 31KB - Virtual size: 30KB

.idat
Size: 16KB - Virtual size: 15KB

.pacdat
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB