a91ce12669b465a4c036416d21cab42d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a91ce12669b465a4c036416d21cab42d_JaffaCakes118
Size

160KB
MD5

a91ce12669b465a4c036416d21cab42d
SHA1

84b68801e5c04f583e067f0d181a7662d80314c2
SHA256

a2427ca47e7e83fa828539e85be9764067a35fbfa7085faf50188e9e4128108b
SHA512

119c4e5241e92bcaa9434f33b3de9107c3caae200f49a0cf27242c226393ad0629fb314f4f31920614ea40868f553e099e03b56e8db80091a6154b33aa8e724f
SSDEEP

3072:v/89kVyw5zv623sDeAHRS2947JeyDr3JhjOdHOb:H6kR5zv6ssDe6S294Jh9UHO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a91ce12669b465a4c036416d21cab42d_JaffaCakes118

Files

a91ce12669b465a4c036416d21cab42d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e0c6a69b2d9334b1fc444f8e7ee81898

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\HldMnhvl\sGqimmXq\wrMulu.pdb

Imports

gdi32

GetTextMetricsA
Escape
GetStockObject
SetLayout
PatBlt

kernel32

lstrcmpiA
OpenFileMappingA
FindClose
TlsSetValue
LocalFree
lstrcpyW
lstrcpynA
lstrcmpA
ReleaseMutex

comctl32

PropertySheetW
ImageList_Write

shlwapi

StrToIntW
StrCpyW
UrlGetPartA

comdlg32

ReplaceTextW
PrintDlgExW

user32

GetParent
CreateMenu
GetDlgItemInt
IsWindowEnabled
CharNextA
DialogBoxIndirectParamW
CharLowerBuffW
ScrollWindowEx
RegisterClassA
GetSystemMetrics
MapVirtualKeyW
LoadCursorW
GetKeyboardLayoutNameW

Exports

Exports

?_UDKVCI@@YGPADHJ@Z
?kq___okSKE@@YGPAEPAGN@Z
?ufw_zouhxzeuz_iPJazl@@YGHEM@Z
?DCAH_NGsre_@@YGGPAJPAK@Z
?RGZ_G_XI_R_XDDMPURlfa@@YGKD@Z
?l__kqgp@@YGPAEI@Z
?O_lz_UGMyzdlc_qc_md@@YGXPAI@Z
?OPWB_KzJ_R_KYE__HXkb@@YGMPAE@Z
?i__af_tiodGAH_y__uy@@YGHE@Z
?PVVE_Y_QDYan__qemrh_@@YGPAXPAM@Z
?k_trgTN@@YGPAIPAD@Z

Sections

.text
Size: 57KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pacdat
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0c6a69b2d9334b1fc444f8e7ee81898

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

comctl32

shlwapi

comdlg32

user32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 388KB

.data Size: 40KB - Virtual size: 39KB

.pacdat Size: 16KB - Virtual size: 16KB

.idat Size: 15KB - Virtual size: 15KB

.rdata Size: 20KB - Virtual size: 19KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 57KB - Virtual size: 388KB

.data
Size: 40KB - Virtual size: 39KB

.pacdat
Size: 16KB - Virtual size: 16KB

.idat
Size: 15KB - Virtual size: 15KB

.rdata
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB