ad4748d01ef07b43d3f2cb3add9da911_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ad4748d01ef07b43d3f2cb3add9da911_JaffaCakes118
Size

144KB
MD5

ad4748d01ef07b43d3f2cb3add9da911
SHA1

e1ae4f4512d6b98c81d18d7cdf9a24dbc6d0ef0d
SHA256

b4ed4637cccd997870068114c3c7d1d1cd49625620e9880a8161555b00ba2e2a
SHA512

e3c10bbd7a0adcc5f58d5c286de2f49713792bae1b2269c8ac308795d5c78c54de912a3f3cd0f8965dd41f311ac8c04d3e8442e0554cc8bfbcf5450b8d0d433f
SSDEEP

3072:MrMUqcZLEHGtzbPTHfEfXRp79MPcSI9SFcZtAbmy+nIdIe/:Mr1HEHwPPEhMPcSI9SFfll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad4748d01ef07b43d3f2cb3add9da911_JaffaCakes118

Files

ad4748d01ef07b43d3f2cb3add9da911_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0dcd4eec2fc9c9c902ffa6dacb25d5fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\nvxHo\zpnk\aCkfmG.pdb

Imports

gdi32

SelectPalette
SetPaletteEntries
CreateBitmapIndirect
LineDDA
CreatePen
CreateDIBSection
LPtoDP
SetBitmapBits
TextOutW
PtInRegion
GetCurrentObject
FillRgn

shlwapi

StrToIntW
UrlGetPartA

user32

GetScrollRange
ModifyMenuW
DestroyMenu
MapVirtualKeyA
LoadAcceleratorsW
GetWindowTextA
DrawMenuBar
DestroyCursor
FrameRect
GetWindowLongA
EnumChildWindows
RemoveMenu
DefFrameProcW
CharUpperA
ShowCaret
GetMenuStringW
GetFocus
CloseDesktop
AppendMenuA
ClipCursor
GetNextDlgGroupItem
CharLowerBuffW
SendInput
GetUserObjectInformationW
TranslateAcceleratorW
InsertMenuA
MonitorFromRect

kernel32

lstrcmpiA
EnumResourceNamesW
FindClose
HeapFree
GlobalAlloc
SetFileApisToOEM
HeapLock
WinExec
GetFullPathNameA
SetSystemTimeAdjustment
SearchPathW
LoadLibraryExW
DuplicateHandle
GetVersionExA

comctl32

InitCommonControlsEx
ImageList_GetImageCount
ImageList_LoadImageW

comdlg32

PrintDlgW
PageSetupDlgW

Exports

Exports

?mhoyZDOOZ_KsevwwIYJS@@YGHI@Z
?__MxdyE@@YGENPAK@Z
?XBP__PDc_YIE@@YGPAXIPAK@Z
?SYTVJNDGSNDdy@@YGDPAJI@Z
?zybolmecxZU@@YGXFPAE@Z

Sections

.text
Size: 52KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dcd4eec2fc9c9c902ffa6dacb25d5fa

Headers

File Characteristics

PDB Paths

Imports

gdi32

shlwapi

user32

kernel32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 211KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 33KB - Virtual size: 33KB

.xdata Size: 36KB - Virtual size: 35KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 211KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 33KB - Virtual size: 33KB

.xdata
Size: 36KB - Virtual size: 35KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB