bede7822f809b9be79365cb120c53c43_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bede7822f809b9be79365cb120c53c43_JaffaCakes118
Size

174KB
MD5

bede7822f809b9be79365cb120c53c43
SHA1

7209a0ac2d217a8bd5e1f3a563c4b74529b5368a
SHA256

585ae9d3edf43a37aed13eba2ebee40434d55f29c783451f290da89365fe7bb2
SHA512

19f0f109515a9ef6e7280be7f0a50f71e9ee93e13e01ecc3b32214084e097740fd95832cae9393fc9fb7381e1e91227a734869514fa1b78317a13518a5506831
SSDEEP

3072:JfCVYkYFZWY0epbBT87f3lylpOtxKzi/IXJSC4LgmL1nY+jTy5jQDxuJE:FezYFsYlJwo3tJKgkYay5jgum

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bede7822f809b9be79365cb120c53c43_JaffaCakes118

Files

bede7822f809b9be79365cb120c53c43_JaffaCakes118
.dll windows:5 windows x86 arch:x86

aefd43a35ad470f11bca036fb19ba0e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\tlyr\XxKS\Qecjk\vyjeep\ysbks.pdb

Imports

user32

UnionRect
CheckMenuRadioItem
MessageBoxA
MessageBoxExW
ShowCaret
CreateWindowExW
RegisterWindowMessageW
GetMenu
OemToCharA
GetWindowDC
IsChild
GetMenuItemInfoW
PtInRect
TranslateAcceleratorW

gdi32

SelectObject
GetTextExtentPoint32A
CreatePalette
SetDIBits
GetROP2

msvcrt

exit

comdlg32

GetOpenFileNameA
PrintDlgExW

ntdll

RtlInitUnicodeString

comctl32

PropertySheetW
ImageList_Create
ImageList_Remove

kernel32

DeleteFileW
ExitProcess
GlobalFree
SleepEx
GetModuleHandleW
GlobalAlloc
CreateDirectoryA
ConnectNamedPipe
RemoveDirectoryW

shlwapi

PathGetArgsA
StrCmpIW

Exports

Exports

?piHTIDKB_KAH_AHCQSFD_@@YGXPAN@Z
?kjfLJJn@@YGDPAM@Z
?KoHi_tclgoe_mzw@@YGDPAEPAD@Z
?_he_rmnsh_syT_Ovs_@@YGXK@Z
?_hu___ddnd_C@@YGPA_NPAM@Z
?RTH_ARXg@@YGGPAK@Z
?txhrxscvx_NXBIPSEG_S@@YGPAEHPAH@Z
?RNAqewC_DHZWW_q@@YGIG@Z
?_zhpyk_QLYI_O@@YGPAEPAK@Z
?cZ_EIPUPaygzy_cOGQ@@YGMI@Z

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aefd43a35ad470f11bca036fb19ba0e1

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

msvcrt

comdlg32

ntdll

comctl32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.itext Size: 512B - Virtual size: 180B

.data Size: 155KB - Virtual size: 314KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.itext
Size: 512B - Virtual size: 180B

.data
Size: 155KB - Virtual size: 314KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB