b57750915fb0d1839f08696bbf3f8b14_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b57750915fb0d1839f08696bbf3f8b14_JaffaCakes118
Size

145KB
MD5

b57750915fb0d1839f08696bbf3f8b14
SHA1

361ac077f8ce5a7384420eda613e12b54c971424
SHA256

17b93558e0fa2ba24817ecf12267c26c60272b3017813a49f9b68fb0b8334a32
SHA512

be23e771b4c7eb624d54f7a87d4fa3cd21cf3dbfe0368b1fca4e36edd6504499b31692d8a6809e49cd8f8b05bfeba393c5d547092ca6fb732f020e07478ba832
SSDEEP

3072:aMVAyP7rTYj68C02v6d4QrzcrehE/9/X1RvjD4csNuMt8H+MB:aM5vkj6B02GBnc6y9/X1FjDKNZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b57750915fb0d1839f08696bbf3f8b14_JaffaCakes118

Files

b57750915fb0d1839f08696bbf3f8b14_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d650fd3dbf29c6e76b959ad296252264

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\lAsl\zwmtA\hvEJ.pdb

Imports

gdi32

SetAbortProc
GetWindowOrgEx
SetPaletteEntries
TextOutA
CreateRectRgnIndirect
SetROP2
EndDoc
EnumFontFamiliesExW
ExtFloodFill
GetFontData
PtVisible
RectVisible
CreatePolygonRgn
StartDocW

kernel32

FindFirstFileA
SetFileApisToOEM
CreateWaitableTimerA
GetSystemDefaultLangID
lstrcpyA
lstrcpynW
GlobalAddAtomA
lstrcmpiW
GetThreadPriority
GetExitCodeThread
TlsFree
CreateWaitableTimerW
lstrlenW
CreateDirectoryW
lstrcatA
CreateFileA
GetFileSize
FlushFileBuffers

user32

GetScrollPos
InvertRect
CreateAcceleratorTableW
CharNextW
IsDialogMessageA
FindWindowW
LookupIconIdFromDirectory
DefFrameProcW
GetMenuItemID
GetMonitorInfoW
AttachThreadInput
SetWindowPos
KillTimer
SendMessageTimeoutW
SendMessageA
SetWindowRgn
LoadImageA
LoadStringA
GetMenuItemInfoW
IsRectEmpty
CopyImage
DestroyCursor
PostMessageW
CharLowerW
GetMenuItemRect
SendMessageW
DestroyWindow
CheckDlgButton
PostThreadMessageA

shlwapi

StrSpnA
UrlUnescapeA
StrToIntA
PathMakePrettyW

comdlg32

ReplaceTextW
GetSaveFileNameW
PrintDlgW
GetOpenFileNameA
PrintDlgExW

Exports

Exports

?_m_gwokRDS_qp@@YGFD@Z
?FSHOYMGNst@@YGHFE@Z
?rrifb_oN_C@@YGPAXF@Z
?ruUNBQQUZ_I@@YGPAXHF@Z
?pd__wzv_h_svfQimgho@@YGX_N@Z
?_MF_ai_@@YGIGPAI@Z
?avvH_Z_zYM@@YGNPAE@Z
?_vr_ljqd@@YGMDN@Z
?scgae_c_xycwQLF@@YGPAJPAFI@Z
?lyB__EEG@@YGMD@Z
?_KDI_Lga@@YGJPAJ@Z
?zzkaqt_m_eJ_j@@YGPAMPAJ@Z
?JSOOIVVVWw___tafybq@@YGFPAM@Z

Sections

.text
Size: 53KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d650fd3dbf29c6e76b959ad296252264

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

shlwapi

comdlg32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 213KB

.data Size: 36KB - Virtual size: 36KB

.xdata Size: 31KB - Virtual size: 31KB

.rdata Size: 16KB - Virtual size: 15KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 213KB

.data
Size: 36KB - Virtual size: 36KB

.xdata
Size: 31KB - Virtual size: 31KB

.rdata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB