ba6988e062a6a3a791cc0902199b4751_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba6988e062a6a3a791cc0902199b4751_JaffaCakes118
Size

114KB
MD5

ba6988e062a6a3a791cc0902199b4751
SHA1

f7ac1f2026db9086123a55192c4e2771650ca242
SHA256

9dfa51e3554829f62f8d15cd03a7d4435d2f2c360dc52af5084c140e5ef66359
SHA512

52e2b879592b5d0cf256541f0e8be5fabfd590c4f4a157c97c6eee1abf721fe999c273afbc2ada14cad07d121a9d772dd40b57883136c6d4fa5dadfc5ebbf15d
SSDEEP

3072:K5GWUGHTVmJ+SC3aFGVZq4gbfjLblZLd1id:mXbTVkC8X4WfnblZS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba6988e062a6a3a791cc0902199b4751_JaffaCakes118

Files

ba6988e062a6a3a791cc0902199b4751_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f102b15625bb068c2a60f2b25caa632b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\ArdY\uRgr\pzSkK.pdb

Imports

user32

IntersectRect
GetShellWindow
CreateAcceleratorTableW
ShowScrollBar
DialogBoxIndirectParamW
GetPropW
GetDlgCtrlID
IsCharUpperA
GetWindowLongW
DrawAnimatedRects
SendMessageTimeoutW
InvalidateRect
RegisterClassExA
SetWindowPlacement

shlwapi

StrCmpNW

gdi32

SelectPalette
EndDoc
GetTextExtentPoint32W
LPtoDP
RectInRegion
CreateSolidBrush
FillRgn
GetDeviceCaps
SetPaletteEntries

comdlg32

PageSetupDlgW
PrintDlgW
GetSaveFileNameA
CommDlgExtendedError

kernel32

QueryPerformanceCounter
GetSystemWindowsDirectoryW
SuspendThread
EnumSystemLocalesA
LoadLibraryW
GetCurrentThreadId
GetCommState
GetProcAddress
lstrcmpiW
UnhandledExceptionFilter
FindCloseChangeNotification
SetWaitableTimer
lstrlenW
ResetEvent

Exports

Exports

?gdQhgfrgMLsoeVcQK@@YGXPAEE@Z
?yEcUnLfeDfG@@YGXGG@Z
?radelqqeHmksrumIHj@@YGPAEPAM@Z
?mmyGtwrr@@YGPAFI@Z

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f102b15625bb068c2a60f2b25caa632b

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

gdi32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 201B

.temp Size: 76KB - Virtual size: 76KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 18KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 201B

.temp
Size: 76KB - Virtual size: 76KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 2KB