a09c0fad3033777e3051d6aee28e22f2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a09c0fad3033777e3051d6aee28e22f2_JaffaCakes118
Size

124KB
MD5

a09c0fad3033777e3051d6aee28e22f2
SHA1

f262f770a2fd61034101961cf7e59f436e5ec4e2
SHA256

4baef42f07124b819866990e97745c2d44a95340fa0a54b8d4eddf7f2a30086c
SHA512

26d85b626767686ef0967f00dc4e223efbf979664c6f11fad656b96730d2b81e4078c7de4c168bce9b5892bb487377aea8f72c65535a8a31895d0ca96e6efa7a
SSDEEP

3072:Q9gg2CUptT76YtFD0PvqM28GSff3KDRZHt5HX00C9L:6/Ur6YtaPDj455k0a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a09c0fad3033777e3051d6aee28e22f2_JaffaCakes118

Files

a09c0fad3033777e3051d6aee28e22f2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e4e191b29d3af3680b3d1d6e42cd7154

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\XIglwu\Tbkgrvo\GbZJrm\szqaiex\EvppbuKf.pdb

Imports

user32

LoadStringW
PostMessageA
LoadBitmapW
GrayStringW
DialogBoxParamA
GetDesktopWindow
AdjustWindowRect
DefWindowProcW
ToUnicodeEx
LoadIconW
GetSysColorBrush
CreateDialogParamA
LoadCursorW

comctl32

PropertySheetW
ImageList_ReplaceIcon
ImageList_Remove

kernel32

GetCurrentDirectoryW
ExitProcess
lstrlenA
GetCurrentThread
lstrcmpiA
FindResourceExW
MoveFileExW
IsDBCSLeadByteEx
WaitForMultipleObjectsEx
SetNamedPipeHandleState

gdi32

RectVisible
GetNearestColor
ExcludeClipRect
ScaleWindowExtEx
GetStockObject

comdlg32

CommDlgExtendedError
GetFileTitleW
PrintDlgW
ReplaceTextW

Exports

Exports

?CHKRU_DE_@@YGPAFK@Z
?EIJAX_c_sca@@YGXPAI@Z
?Y_E_GMZ@@YGH_N@Z
?buxq_A__Z@@YGXNH@Z
?c_eNPX_ICSSyu@@YGPAMPAHJ@Z
?_HQZ_AYX_Y@@YGPAHPAEPAD@Z
?_SPYSOXygP@@YGPAGHK@Z
?_xn__ijdQ@@YGEJ@Z
?_ASYCAfwdOPKNTLEI@@YGXPAK@Z
?YGPQXDVYL@@YGPADNPAE@Z
?C_Yoh_HJHVUDL_ZUAex@@YGIIPAF@Z
?fozatFIO_Tlj@@YGXK@Z
?h_uxQ_Xs_ddasqut___o_M@@YGPAHK@Z
?BT_N_hcygpQ@@YGPAHEPAH@Z
?j__lsxxmL_VLMZV@@YGXJ@Z

Sections

.text
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 886B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4e191b29d3af3680b3d1d6e42cd7154

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 160B

.code Size: 23KB - Virtual size: 22KB

.idata Size: 1024B - Virtual size: 966B

.data Size: 16KB - Virtual size: 348KB

.rdata Size: 75KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 886B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 160B

.code
Size: 23KB - Virtual size: 22KB

.idata
Size: 1024B - Virtual size: 966B

.data
Size: 16KB - Virtual size: 348KB

.rdata
Size: 75KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 886B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB