a91b417e7efdf558d0ee37b2e0b1be69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a91b417e7efdf558d0ee37b2e0b1be69_JaffaCakes118
Size

143KB
MD5

a91b417e7efdf558d0ee37b2e0b1be69
SHA1

6d52bd80755c37c3f43dd9e4fb49f5e950c69ea2
SHA256

6caa84534aead8cd41865cec9a3c07b7f6deafe20b337f1a86a842494e52b99d
SHA512

db79eea067c74bb4fc379edb287b3c240eb6ab65f8988fd8ec25e5a87b3de8e658e298be6bfb66df917b7b079df62c7e6418cd6ed1e645602e19db01b2b36059
SSDEEP

3072:FD5qw1lYuQ7pBgw/Q2YgXY2hGhf9HkNuwySw12g7FTxISxZZ4l:n51muQ7TofghG7Hk8wyx12gRzvZ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a91b417e7efdf558d0ee37b2e0b1be69_JaffaCakes118

Files

a91b417e7efdf558d0ee37b2e0b1be69_JaffaCakes118
.exe windows:5 windows x86 arch:x86

14cb3ddb709e558e6dd88483175fe5a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\FjmoGvqzmzmrH\MkrqngwyfGVq\zMfboonuccwtwPkai\FbtfiZTevKM\BjUNtdzzpqnsViCamkdu\UvrmYFCxjdiwtL\HlGHluheSpjsi.pdb

Imports

msvcrt

exit

comdlg32

CommDlgExtendedError
PrintDlgW
PrintDlgExW
GetSaveFileNameW
ChooseFontW

gdi32

IntersectClipRect
ExtFloodFill
Polygon
SetRectRgn
StretchBlt
ScaleWindowExtEx
OffsetRgn
CreatePalette
CreateCompatibleDC
GetTextFaceW
GetRgnBox
CreateHatchBrush
SetDIBitsToDevice
GetObjectW

shlwapi

PathSearchAndQualifyA
ChrCmpIA
StrToIntA

kernel32

GetDateFormatW
FileTimeToDosDateTime
WaitForSingleObject
ResumeThread
OpenFileMappingA
SetupComm
lstrcmpiW
DeleteCriticalSection
GetFileAttributesExA
SetFileAttributesA
GlobalMemoryStatus
GetCommTimeouts
CreateDirectoryW
lstrlenW
CreateNamedPipeA
lstrcatA
ConvertDefaultLocale

user32

TrackPopupMenu
RegisterClassW
GetMenuItemID
CreateIconFromResource
CreateCaret
GetForegroundWindow
LoadImageW
GetCaretPos
FindWindowW
WindowFromPoint
CharLowerW
SetTimer
LoadCursorA
GetWindowPlacement
ActivateKeyboardLayout
GetUpdateRgn
SetWindowTextW
KillTimer
GetClassInfoA
LoadImageA
FindWindowA
GetClassInfoW
BeginDeferWindowPos
GetParent
AttachThreadInput
DestroyAcceleratorTable
CreateDialogIndirectParamW
TranslateAcceleratorA

Exports

Exports

?___o_jw_asf_gP_IMAJ__@@YGGF@Z
?tfngadrNXO__Mfr_jV@@YGNK@Z
?hlcHAV_y_v_@@YGIEJ@Z
?pcF_Lnr_hHTpkPMH@@YGGPAHK@Z
?wiui__fWQPBurp@@YGPAMN@Z
?EilixwpD__OXAF@@YGPANMI@Z
?a___wj_irWW@@YGPAEH@Z
?uibZJOkhcb_bE_OH@@YGPAGGJ@Z
?nec_fsZGN@@YGXPAF@Z
?okvwjvx_kxxft_riwfii@@YGJNI@Z
?LSW___EPy_@@YGPAFPAEPAM@Z
?____XB_pf_@@YGPAXG@Z
?PZ_LGroXZGK@@YGEF@Z
?_uuOO_WD_je_ghNMn@@YGMFG@Z
?RASUEQLSPZW_@@YG_NMPAE@Z
?_QPYo_qwvdpxcjy@@YGPAII@Z
?h_eYN__NUp@@YGPAMPAHH@Z
?irpK_XGF_Y_ZYZGQ_wn@@YGIPAH@Z
?_bjhlRA@@YGPAFK@Z
?_eigdyoylnqe@@YGIK@Z
?MAGSq_wlad_k__sDAk_JGj@@YGPAXPAE@Z
?_LZYE_E_O_LBS_GM@@YGPAFPAEM@Z
?X_XC___MqVLOYTTZZGDvy@@YGGNPAG@Z
?OM_ENGt_lehUIB@@YGPAIPAM@Z
?Y_lcfBZ_GWItk_zq_y_WO@@YGPAMKPA_N@Z
?QFxge_dr@@YGDE@Z
?yrrvuikmyxxOUFEQ@@YGEIJ@Z
?VI__ITWVE_@@YGXJ_N@Z
?D__IBBPRIFPceDV@@YGMK@Z
?WOWMefzex___@@YGPAKFD@Z
?_nwczpJTOWCK_xa@@YGDH@Z
?dkao_jydMFL_Bcjr_emfuf@@YGPAXKM@Z
?Su_wBFVQ_c@@YGFPAE@Z
?PD_CWS__jqezb_eos@@YGFPAG@Z
?_UTG__MGZp__zlnjm_@@YG_NDJ@Z
?JraswZPLCNHLligKBG@@YGGPAIG@Z
?CUNAKez@@YGFFE@Z
?tw_w_QDL@@YGPA_NPAGPAF@Z
?CATmlXLrl_o_ALK@@YGFJD@Z
?znrlTOXR@@YGXD@Z

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14cb3ddb709e558e6dd88483175fe5a5

Headers

File Characteristics

PDB Paths

Imports

msvcrt

comdlg32

gdi32

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.idata Size: 10KB - Virtual size: 10KB

.data Size: 34KB - Virtual size: 189KB

.rdata Size: 512B - Virtual size: 511B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 94KB - Virtual size: 93KB

.idata
Size: 10KB - Virtual size: 10KB

.data
Size: 34KB - Virtual size: 189KB

.rdata
Size: 512B - Virtual size: 511B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB