a7c12ed9029ff41a011587b70f741d46_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a7c12ed9029ff41a011587b70f741d46_JaffaCakes118
Size

150KB
MD5

a7c12ed9029ff41a011587b70f741d46
SHA1

af59a1e76ce97fbff9f528a7d2c7cff0f922095e
SHA256

ebab2fbf27f4a83f45e34762f6b1633dd4c50bd5f681ae9f78114a12dac1fc10
SHA512

fd71c912141d175b232fb88474ae00b0ffbbbf5e63c15c3487a3773b2105294c836db8328cb3c01bc0585dcf81341df0c713854a200172ad481c43f1b162df81
SSDEEP

3072:bO3DPMcygo5CrgpmJ+Q5XMojWYiiFU2GAsbsxrgDU9:i3DPqpc58oaYii+wy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7c12ed9029ff41a011587b70f741d46_JaffaCakes118

Files

a7c12ed9029ff41a011587b70f741d46_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9058623ac5f8a20c5144b660a752c60a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\ggiJdod\gTtDktt\hifege\mjrLNh\OhIr.pdb

Imports

ole32

CoInitializeEx
CoUninitialize

user32

CreateAcceleratorTableW
CharUpperBuffA
RegisterWindowMessageA
DialogBoxParamW
IsDialogMessageW
FindWindowW
GetUpdateRgn
CallWindowProcW
GetMonitorInfoW
CreateWindowExA
SetSysColors
SetWindowPos
GetClassInfoW
CharPrevA
SetRect
WaitForInputIdle
ChildWindowFromPointEx
CheckMenuItem
AllowSetForegroundWindow
HiliteMenuItem
OffsetRect
ReleaseDC
ReplyMessage
EnableScrollBar
GetKeyboardLayoutList
MoveWindow
PostQuitMessage
GrayStringW
DrawTextW

gdi32

GetTextMetricsA
LineTo
GetFontData
EnumFontFamiliesW
Polygon
CreateSolidBrush
CreateRectRgn
GetTextColor
ExtFloodFill
SetPaletteEntries
ScaleViewportExtEx
CreatePenIndirect
CreateFontIndirectW

kernel32

TlsFree
TlsSetValue
LocalUnlock
GetWindowsDirectoryA
IsDBCSLeadByteEx
lstrlenW
GetStartupInfoW
GetComputerNameA
VerifyVersionInfoW
GetUserDefaultLCID
SetThreadExecutionState
SetSystemTimeAdjustment
LockResource
FileTimeToSystemTime
GetTempFileNameW

Exports

Exports

?ga_e_tyWUGNCDvj_bgE@@YGMKM@Z
?_E_O__LKA@@YGEM@Z
?VFRNTU__NM_L_F_Q_V@@YGGPAM@Z
?hxewpghw__X_@@YGMPAI@Z
?C_fyp_qqnHXDGXxetvekd@@YGJPAKPAG@Z
?AEAOZ_FJu@@YGKPAHJ@Z
?P_gwyVVIU__jytEGCto@@YGME@Z
?_VYBPIFb@@YGKPAFI@Z
?_btORVJKWPY@@YGXPAJ@Z
?CfvvBB_YW_Fi_h_eq@@YGPAHKPAF@Z
?_llCWdnSXMS_N@@YGXMN@Z
?Uq___jnowzn_gaNckzN@@YGFD@Z
?gbktCWPA_Q_FJ@@YGPADKJ@Z
?FqqXFL_@@YGIPANPA_N@Z
?S_WLZTr_uwllK___@@YGXDPAJ@Z
?emsdk_BQ@@YGPAXPAGF@Z
?rz_qB__C_IWHtzsK@@YGFJPAI@Z
?rjiteCMAADNZi@@YGMH@Z

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9058623ac5f8a20c5144b660a752c60a

Headers

File Characteristics

PDB Paths

Imports

ole32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 91KB - Virtual size: 91KB

.rdata Size: 21KB - Virtual size: 21KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 22KB - Virtual size: 130KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 21KB - Virtual size: 21KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 22KB - Virtual size: 130KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB