a5798a9c544ec19d0db171dc0914d85f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5798a9c544ec19d0db171dc0914d85f_JaffaCakes118
Size

199KB
MD5

a5798a9c544ec19d0db171dc0914d85f
SHA1

c0b0268ad8d33f289be2e7ba29821a7d6270ddc6
SHA256

59fd19c25ecf46f0a1b0e3e91d1753f1dda593cebeebcea8ceb33b73ada9170b
SHA512

798081fed51517469d1d8575e1f14b52e096f1068a5e53c8725ea7e49323851c27e48197592e31e8d47741f7397ed67317050ba42db308cf7943dea5004bfe79
SSDEEP

6144:She1/Pv0XjHe/lSIi7UamG7CeneJorZji:iehz/wIi7FdJeorJi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5798a9c544ec19d0db171dc0914d85f_JaffaCakes118

Files

a5798a9c544ec19d0db171dc0914d85f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e554ad87ba4273395ff34d477d470006

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\ijls\xzfmh\tzpej.pdb

Imports

gdi32

SaveDC
MoveToEx
PtVisible
ExcludeClipRect
BitBlt
RectVisible

shlwapi

PathIsPrefixA
PathSkipRootW

kernel32

GetComputerNameA
GetOverlappedResult
GetCurrentProcess
GetPriorityClass
GetExitCodeProcess
SetSystemTime
GetThreadLocale
lstrcatW
IsBadWritePtr

comdlg32

CommDlgExtendedError
ReplaceTextW
FindTextW
GetOpenFileNameA

user32

MapWindowPoints
CreateDialogParamA
TranslateAcceleratorW
SetDlgItemTextA
GetActiveWindow
SetSysColors
GetSubMenu
GetWindowTextLengthW
IsCharUpperW
SystemParametersInfoA
CharToOemW
RegisterWindowMessageW
MoveWindow
RegisterClassA

comctl32

PropertySheetA
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_GetIconSize

Exports

Exports

?_LU_WPM_J___X_BW@@YGPAMJ@Z
?VB_FJLLNZH_RD_UW@@YGEGN@Z
?DZslhl_DLF@@YGFIJ@Z
?o_u_V_EV__@@YGXPAIN@Z
?QT_MGRAO_MH_U__VS_U@@YGPAHF@Z
?pjnzuxH@@YGHF@Z
?BZQGr__pdAGZC__J@@YGPAXFF@Z
?PPB__ivq_dkaegj@@YGPAHPAK@Z

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA1
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA2
Size: 66KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e554ad87ba4273395ff34d477d470006

Headers

File Characteristics

PDB Paths

Imports

gdi32

shlwapi

kernel32

comdlg32

user32

comctl32

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 2KB - Virtual size: 1KB

DATA1 Size: 33KB - Virtual size: 33KB

DATA2 Size: 66KB - Virtual size: 230KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 2KB - Virtual size: 1KB

DATA1
Size: 33KB - Virtual size: 33KB

DATA2
Size: 66KB - Virtual size: 230KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB