a8569de67377ea7c7d64d8e6fb3fe0f9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a8569de67377ea7c7d64d8e6fb3fe0f9_JaffaCakes118
Size

143KB
MD5

a8569de67377ea7c7d64d8e6fb3fe0f9
SHA1

a9c5c1eed845da2e4de9e9060705d57c83647e76
SHA256

b52c0667f4dad8227eff199c11939734094cf276ba7272be53a2358c1e55a05b
SHA512

8c88e43fe72fabc3f2de9702727ef646a76a8d26a711d1144ad9441f7c8d2fb0b054cf8fc51de3eb59eaa0b18ee2a2d19da487c9ba104c0e1f694d106061328d
SSDEEP

3072:UUQ1vbYjCyfogO6pLsyJotVu+JS0CiA/ImfU9TArxv4jhy:UH5Yzog9ZU1Fw/viTAyhy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8569de67377ea7c7d64d8e6fb3fe0f9_JaffaCakes118

Files

a8569de67377ea7c7d64d8e6fb3fe0f9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e27d932db0f812e39e4845461d735ca4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\WdxVam\qsgEqvo\tiucbAz\enTzTobs\raYh.pdb

Imports

shlwapi

PathMakePrettyA
StrSpnW
PathCanonicalizeW

user32

GetDC
RegisterWindowMessageW
GetKeyState
GetClipboardData
GetKeyNameTextW
GetCursorPos
CharLowerA
SendNotifyMessageW
DialogBoxIndirectParamA
GetClassNameW
LoadImageA
GetMenu
DialogBoxParamW

msvcrt

exit

comctl32

ImageList_Write
CreatePropertySheetPageW
PropertySheetA

gdi32

CreateICW
AddFontResourceW
Escape
GetSystemPaletteUse
EnumFontsW
RemoveFontResourceW

kernel32

HeapValidate
LoadLibraryW
HeapCreate
GetStringTypeExW
HeapUnlock
GetFileTime
ExitProcess
GetSystemDirectoryW

Exports

Exports

?XO____V_Jv_thoqlUWyp@@YGPAIPAK@Z
?HBqc_TKDJ__PP@@YGGI@Z
?q_nMFLMUHTMrmKPOASbROP@@YGPADG@Z
?__TBDWNQ_FABdAhm___maq@@YGFDPAK@Z
?iEE_jzsizBAJB@@YGPAGMPAM@Z
?_cpuf_lYHP@@YGK_N@Z
?PHU_d_a@@YGHPAF@Z
?_Lc_ny__enm@@YGPAM_N@Z
?ytao__R_H_K__YJ__Genw_@@YGPAHPAD@Z
?o_hbfcz_msl__snl@@YGKGPAK@Z
?FDLDCsoj_n_qz_ye@@YGXGPAE@Z
?ggurpqpbmzt_oaavggx_a@@YGXFI@Z
?AQNX___u_o_dhIYs@@YGFPAFM@Z
?dp_ESOTNZbiINGKT_E@@YGPAEDI@Z
?_of_iAVQVMZ_HD@@YGPAGPAJ@Z
?QZY_GNTA_PIJMT_KQ_FPZ@@YGHE@Z

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.r_dat
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e27d932db0f812e39e4845461d735ca4

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

msvcrt

comctl32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.r_dat Size: 17KB - Virtual size: 17KB

.data Size: 26KB - Virtual size: 182KB

.rdata Size: 25KB - Virtual size: 25KB

.pdata Size: 14KB - Virtual size: 13KB

.rsrc Size: 8KB - Virtual size: 12KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 48KB

.r_dat
Size: 17KB - Virtual size: 17KB

.data
Size: 26KB - Virtual size: 182KB

.rdata
Size: 25KB - Virtual size: 25KB

.pdata
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 8KB - Virtual size: 12KB

.reloc
Size: 2KB - Virtual size: 1KB