ae4b2e2839800a7eb231e14e01784ce7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae4b2e2839800a7eb231e14e01784ce7_JaffaCakes118
Size

98KB
MD5

ae4b2e2839800a7eb231e14e01784ce7
SHA1

9e943777d354cd248f401b83459d630af4c4ef39
SHA256

1a8c34c4fa87e1ce1f8ee3af83b146814f8c40b5be2e9e11963a3fc8874831f9
SHA512

53a5dc7bd0a1cfb2e4f3c4d8c3dd4860fd5e07abde61d87ee4ab288bf1a3f77b8d0d78e59831fa350113bc2a8fd5e115a28a27e3e26daaff097fb88f048d95f2
SSDEEP

3072:tGQvYZ8uvOM0AVxQgtab3SsAajau9BzG:gqE8ulNfQg0LNvGu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae4b2e2839800a7eb231e14e01784ce7_JaffaCakes118

Files

ae4b2e2839800a7eb231e14e01784ce7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bec60327090469491b9691a80f7e9125

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\SoacfGh\vfrOtugv\jmzXlel.pdb

Imports

shlwapi

StrSpnA
PathMakePrettyW
UrlUnescapeA

kernel32

GetThreadContext
OpenEventA
lstrcpynW
OpenSemaphoreW
CreateNamedPipeW
GetCurrentThreadId
EnumResourceNamesA
CreateWaitableTimerA
lstrlenW
DeviceIoControl
CreateDirectoryA
PulseEvent
HeapReAlloc
GetComputerNameW
lstrcatA
GetShortPathNameW
TransactNamedPipe
lstrcmpiW

comctl32

InitCommonControlsEx
ImageList_GetIcon
ImageList_Read
ImageList_AddMasked

user32

EndPaint
keybd_event
IsWindow
VkKeyScanW
mouse_event
GetMessagePos
IsWindowUnicode
IsWindowVisible
RegisterHotKey
CreateCursor
CopyAcceleratorTableW
InSendMessage
IsChild
SetClassLongW
AdjustWindowRectEx
WaitForInputIdle
SetWindowLongA
LoadBitmapW
ActivateKeyboardLayout
LoadCursorW
wsprintfW
SystemParametersInfoW
CheckDlgButton
DeferWindowPos
SetDlgItemInt
PostQuitMessage
CascadeWindows
DestroyCursor

gdi32

CreateHalftonePalette
GetMapMode
FillRgn
CreateDiscardableBitmap
IntersectClipRect
CreateBitmapIndirect
CreateDIBSection
OffsetRgn
TextOutA
GetWindowOrgEx
SetDIBitsToDevice
CreateBitmap

Exports

Exports

?A_a_kj_vt_@@YGXPANPAK@Z
?_fLJAehkh_HUDBi_izs_@@YGPAHPAI@Z
?kwv_USSE_joAcQRx__@@YGPAXJE@Z
?UEFXKQrso_xomn_tikb@@YGFJE@Z
?ymwzg__i_ksRc@@YGKKN@Z
?MJMW_Yha_d_bgskSCC@@YGMI@Z
?zdzmm_LLMbdsa_LC_@@YG_NPAIPAM@Z
?Z_ZSVSLj_gcogYX_R_nZHL@@YGIN@Z
?IXF_Twj_aGTPl_rd@@YGMPAG@Z
?kygxkrniAPZD_G_f_h_@@YGGEK@Z
?JPUZ___Ewcum_w_at_ya_@@YGNI@Z
?_zjid_o_Ubiey_h_ygyL@@YGH_NM@Z
?C_VDZ__Pofct_Zb@@YGFGH@Z

Sections

.text
Size: 49KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bec60327090469491b9691a80f7e9125

Headers

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

comctl32

user32

gdi32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 157KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 19KB - Virtual size: 19KB

.xdata Size: 12KB - Virtual size: 12KB

.rsrc Size: 7KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 49KB - Virtual size: 157KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 19KB - Virtual size: 19KB

.xdata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 7KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB