b34db656fbcffb41ac1dced3c9cfa4b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b34db656fbcffb41ac1dced3c9cfa4b5_JaffaCakes118
Size

226KB
MD5

b34db656fbcffb41ac1dced3c9cfa4b5
SHA1

054f91626432cd0c31e67de5e7bf4b754be793fc
SHA256

0f83652bba39babbf992cf21cc2953ed824dce9831c7af363556418ae2815a63
SHA512

40a0d4d3e80472fdc32397ed9c76768f172812d85ce9d936eb3333549be65fd3f64f70544fc3636e5aa3c5030e82f6044191e2b9b96f21f755c393321ddc7d58
SSDEEP

3072:Y3Dxl3gSHPEqXjrLSb1LSGYns+SmdmuRs3X65esfWXGHV8YXienpRPub4Xo3:UDng2PcSGTNmde67W2HDpdHo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b34db656fbcffb41ac1dced3c9cfa4b5_JaffaCakes118

Files

b34db656fbcffb41ac1dced3c9cfa4b5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c9380306e4d824db677a6d75f7962f95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\zmvtHJcqdzGKrksCr\RcMnhDEzxknhNczdmcAswt\KZvhwojLRhTiGfHl\NZwdtYILeuLylKUvp\mGwplLMfMwbjdT\wXNEuqqjEukjJvoqgsf.pdb

Imports

user32

IsCharAlphaW
SetCursor
GetKeyboardType
ScrollWindowEx
SetWindowPos
SetTimer
CheckRadioButton
DeleteMenu
KillTimer
DefDlgProcA
IsWindowUnicode
DrawTextA
MonitorFromPoint
RemovePropW
SetWindowPlacement
MapVirtualKeyA
SetActiveWindow
GetMenuItemCount
IsRectEmpty
keybd_event
GetSysColorBrush
MapWindowPoints
GetWindowLongA
RegisterClassExA
GetMenuItemRect
WindowFromPoint
BeginDeferWindowPos
GetDlgCtrlID
CharUpperW

kernel32

ClearCommError
EnumResourceLanguagesA
CreateFileW
GetModuleFileNameW
FileTimeToDosDateTime
LocalFree
SetSystemTimeAdjustment
FindResourceExW
MoveFileW
FindNextFileA
SetThreadContext
GetFullPathNameA
CompareFileTime
LocalUnlock
HeapFree
HeapAlloc
GetProcessHeap
GetModuleHandleW

comctl32

DestroyPropertySheetPage
CreateToolbarEx

shlwapi

StrChrNW
StrCpyNW

gdi32

GetObjectA
PatBlt
CreateFontIndirectW
GetDeviceCaps
CreatePalette
DPtoLP
BeginPath
TranslateCharsetInfo
GetStockObject
SetBitmapDimensionEx
SetROP2
CreateFontA

comdlg32

ReplaceTextW
GetFileTitleW
ChooseFontW
GetSaveFileNameW

Exports

Exports

?DufiluIOQF67uiofYIFYfUFyf@@YGKEPA_WG@Z

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9380306e4d824db677a6d75f7962f95

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

shlwapi

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 71KB - Virtual size: 70KB

.mdata Size: 11KB - Virtual size: 11KB

.data Size: 36KB - Virtual size: 199KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 71KB - Virtual size: 70KB

.mdata
Size: 11KB - Virtual size: 11KB

.data
Size: 36KB - Virtual size: 199KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB