96b8fd7cc3d49b6849e1942e1d51b7a9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

96b8fd7cc3d49b6849e1942e1d51b7a9_JaffaCakes118
Size

150KB
MD5

96b8fd7cc3d49b6849e1942e1d51b7a9
SHA1

ac0150de769560460357a6c0165d5b372b16ffc9
SHA256

e7be5cc158f73c59959d69f394c55f47bcff39b776ec77d841f322461ee5f909
SHA512

a2660f4860b4bb923652e9554d6b57c3dd09a9fa86e8dfa48930e9aeb1ac786e13ae1630426e8abecbc482e1db6def6581f6663c528934f3f973b0a8fa61abba
SSDEEP

3072:fBJ13gcd5rr126j0jhOQn2a86C/mZ/+5g2MLl3rmF5JOrnq3+65m8+Grhvaja76K:qcrhAjAQn2V4/cgHgPmqZ7cWz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96b8fd7cc3d49b6849e1942e1d51b7a9_JaffaCakes118

Files

96b8fd7cc3d49b6849e1942e1d51b7a9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f3ce9cded0d1f7eee08d3b6b065e8c2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\WiomjMhhrmy\xouiIijgkspdiSrszgH\txpykFggsgrYcIHQqFv\QgqpjtsolGgmibjqea\fwxlOthvwwdoeZEjm\hiNpdiplgcghbOtYnJbf.pdb

Imports

user32

SetDlgItemTextA
LoadIconW
LookupIconIdFromDirectory
GetClassInfoW
GetWindowDC
InvertRect
SetCaretPos
CallWindowProcW
GetKeyboardLayout
HideCaret
RegisterClassExA
GetDlgCtrlID
RegisterClassExW
IsMenu
FindWindowA
MapVirtualKeyW
GetForegroundWindow
LoadIconA
EndDialog
DrawTextExW
GetWindowTextA
GetSysColor
TranslateMessage
SetMenuDefaultItem
GetScrollRange
GetMessagePos
DestroyCursor
TrackPopupMenu
KillTimer

kernel32

LoadResource
UnlockFile
SetWaitableTimer
FindResourceExW
CreateMailslotW
FindResourceW
IsBadCodePtr
SetCurrentDirectoryA
Sleep
SetSystemTimeAdjustment
SetCommMask
LocalAlloc
InitializeCriticalSection
GetPriorityClass
GetSystemTimeAsFileTime
lstrlenW

gdi32

GetRgnBox
ScaleViewportExtEx
CreateRoundRectRgn
PathToRegion
Rectangle
StretchDIBits
SetPaletteEntries
MoveToEx
PtInRegion
RemoveFontResourceW
CreateFontW
GetObjectW
SetDIBits

comdlg32

ChooseFontW
PageSetupDlgW

Exports

Exports

?_wcsnicoll_l@@YGKPA_WG@Z

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3ce9cded0d1f7eee08d3b6b065e8c2f

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 43KB - Virtual size: 43KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 1KB - Virtual size: 109KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 43KB - Virtual size: 43KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1KB - Virtual size: 109KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB