9fef68a1ebe233a77ed360244df0e976_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9fef68a1ebe233a77ed360244df0e976_JaffaCakes118
Size

124KB
MD5

9fef68a1ebe233a77ed360244df0e976
SHA1

dbec58653c8ad6f651fb2c0c36f250b462675886
SHA256

acedb15b58f5138694a82d6fcfa378634ae0c2c40c7edc6d4d70bcaa4fee51c5
SHA512

c280b65080dddf96d0e5b1f7792cc7fff5e15fdab0c98cbf564161b06fd6c1c88840f602e9476e17f04ecd39b1728681b8d43d57bf08f2300dfeb5c6f7ab30f8
SSDEEP

3072:teDVm7TQw+0seK1jldeIBhV3twhuDmyp2N:twyQw+1BAEV2huDmq2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fef68a1ebe233a77ed360244df0e976_JaffaCakes118

Files

9fef68a1ebe233a77ed360244df0e976_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2bb76522f13e62c7b7887e837a1b7fa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\zgUci\lvnrzcye\Mvcty\byrRkgu\vzjwuH.pdb

Imports

gdi32

Rectangle
Polygon
GetPaletteEntries
SetDIBColorTable
GetTextMetricsA
DeleteDC

comdlg32

GetSaveFileNameW
PrintDlgExW
GetSaveFileNameA
GetFileTitleW

user32

RemovePropW
CreateMenu
CreateIconIndirect
WindowFromPoint
DefFrameProcA
SetScrollRange
keybd_event
RegisterWindowMessageW
ChildWindowFromPointEx
TranslateAcceleratorW
GetSystemMenu
ReplyMessage
CreateDialogParamW

ntdll

_stricmp
memset

shlwapi

StrSpnA
PathMakePrettyW

kernel32

GetModuleHandleW
GetCurrentProcessId
UnlockFile
InterlockedExchangeAdd
InterlockedExchange
ExitProcess
UnhandledExceptionFilter
GetTempPathA
lstrcmpiW
CreateFileA
GetExitCodeThread
CreateDirectoryA

Exports

Exports

?EOD_GLYYbr@@YGEMPAK@Z
?_u__meyZKrpzfaXOE@@YGPADF@Z
?sltxF_BC@@YGFD@Z
?gje_yc_O_zypajG@@YGEPAI@Z

Sections

.code
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bb76522f13e62c7b7887e837a1b7fa9

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

user32

ntdll

shlwapi

kernel32

Exports

Exports

Sections

.code Size: 23KB - Virtual size: 23KB

.data Size: 27KB - Virtual size: 359KB

.rdata Size: 63KB - Virtual size: 62KB

.edata Size: 512B - Virtual size: 330B

.import Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.code
Size: 23KB - Virtual size: 23KB

.data
Size: 27KB - Virtual size: 359KB

.rdata
Size: 63KB - Virtual size: 62KB

.edata
Size: 512B - Virtual size: 330B

.import
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB