bf9e4197c10e3423f386301d14766968_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf9e4197c10e3423f386301d14766968_JaffaCakes118
Size

157KB
MD5

bf9e4197c10e3423f386301d14766968
SHA1

631fd7a0828114c9c587b4ab46fb5621d8da1784
SHA256

7b8a045ff3fa04c0ef028d4d82275b1ef3b455307489c637b1424d72136f7628
SHA512

59b305fffd6763f678902f5709b978f69a787f47f09441d9239fe28908023ce6cdc71ca38e4227deddb165da121a6fbb5e66bc70cd71ccb461c42da0855554e2
SSDEEP

3072:WURo6SbI3HH+E6VAWwV29xQ2weyDkRdw3lcZHOT:ty6gI3Hp6VgV29nwpMoAHO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf9e4197c10e3423f386301d14766968_JaffaCakes118

Files

bf9e4197c10e3423f386301d14766968_JaffaCakes118
.exe windows:5 windows x86 arch:x86

abc87084af53f3a6cfd833ac84e8cf23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\Eham\eatqryi\rqcww\qGvax\gDejAf.pdb

Imports

shlwapi

StrToIntW
UrlGetPartA
StrCpyNW

gdi32

RectInRegion
GetTextExtentPoint32A
CreateBrushIndirect
GetFontData
EnumFontFamiliesExW

comctl32

CreateToolbarEx
CreateStatusWindowW
PropertySheetA
ImageList_Draw

user32

SetRectEmpty
CreateWindowExA
CreateDialogParamA
CharLowerW
GetDialogBaseUnits
GetDC
GetWindowRect
CharLowerBuffW
SetCaretPos
keybd_event
DefDlgProcA
OemToCharBuffA
LoadStringA
FindWindowA

kernel32

ReleaseSemaphore
LoadLibraryW
DeleteFileA
GetSystemDefaultUILanguage
SetThreadLocale
DefineDosDeviceW
lstrcmpiW
lstrcmpA
SleepEx

Exports

Exports

?AMFMulbdIX_A_WYy_@@YGDKF@Z
?XKCTZ_kky_n_T_X@@YGPA_NPADJ@Z
?tkioLIMKVJ_Pnfh@@YGXPAFG@Z
?_Sjgra__cg_lj@@YGGPAM@Z
?jzco__tED@@YGGD@Z
?_ZBIUAl@@YGPAXPADN@Z
?SEQYV_O_VRW@@YGEKPAM@Z
?_P_O_K_J_M@@YGPAND@Z
?UKFA_HNSCs___n_bykgwb_@@YGPAGK@Z
?AR_Tiw_lxM_S_CUHbmJAJ@@YGPAJK@Z
?jnJEU_FJ_MUG@@YGKPAI@Z
?hmczhk__l_VPPr_xwneRQS@@YGXD@Z

Sections

.text
Size: 57KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idat
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pacdat
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abc87084af53f3a6cfd833ac84e8cf23

Headers

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

comctl32

user32

kernel32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 389KB

.data Size: 39KB - Virtual size: 38KB

.idat Size: 15KB - Virtual size: 15KB

.pacdat Size: 16KB - Virtual size: 16KB

.rdata Size: 20KB - Virtual size: 19KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 57KB - Virtual size: 389KB

.data
Size: 39KB - Virtual size: 38KB

.idat
Size: 15KB - Virtual size: 15KB

.pacdat
Size: 16KB - Virtual size: 16KB

.rdata
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB