bf2eecf8035b095007f9a4c0fbf54a20_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf2eecf8035b095007f9a4c0fbf54a20_JaffaCakes118
Size

123KB
MD5

bf2eecf8035b095007f9a4c0fbf54a20
SHA1

8d824527a9f1454c2082fa67797d35bcd852a840
SHA256

f47ebe191e49273aef0d8db1611b38b7160b9030cabc5c0477f6c7817cb0dd25
SHA512

2a549fcae872ea677996c734e9c6c631c11148ec675977af1c1d23a843458cbf67ec3d3b0e6a218ba3b367907c63bb2d5f3df7bfe9cee390a7aee682f4a86d80
SSDEEP

3072:xLRZ3bsUWm/U7Qx95qvVQykX0TuBvq9O68Z1GhXL:B3bVhcsOFkX0Tky901Gl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf2eecf8035b095007f9a4c0fbf54a20_JaffaCakes118

Files

bf2eecf8035b095007f9a4c0fbf54a20_JaffaCakes118
.exe windows:5 windows x86 arch:x86

08301eff775fccce492e66b46ebd9892

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\JgjdzuOOgeeDfROqwrdj\mTZseslIezMoUmFjhwjF\azomBMgalaLq\SBnEyoakALnaPmaqAw\mufyntsyidGbVNTmwb\aAzrDKZnufsqarmqehRqqJ\jyzzhdrogmsmrphtbAcwYU\leHNdfIkfbKtlspwoMv.pdb

Imports

gdi32

GetTextExtentExPointW
SetBitmapDimensionEx
GetBkMode
CreateHatchBrush
AddFontResourceW
GetBitmapBits
ExtTextOutA
PolyBezier
CreateBitmap
StretchDIBits
GetTextAlign
SetDIBits
CreatePolygonRgn
SetLayout

ntdll

RtlInitAnsiString

kernel32

EnterCriticalSection
GetCurrentThreadId
EnumResourceTypesA
HeapAlloc
SetThreadExecutionState
GlobalMemoryStatus
GetSystemDefaultUILanguage
DeleteAtom
SetSystemTime
SetHandleCount
GlobalDeleteAtom
TlsSetValue
OpenFileMappingW
GetWindowsDirectoryA
DeleteCriticalSection

user32

GetMessageW
TranslateMessage
DrawStateA
GetWindowTextA
SetMenu
LoadMenuA
GetKeyState
DrawTextExW
IntersectRect
HideCaret
GetMenuItemCount
SetRect
DestroyWindow
CharLowerA
InsertMenuA
DrawMenuBar
LockWindowUpdate
GetDlgCtrlID
ModifyMenuW
GetPropW
ScreenToClient
SetForegroundWindow
LoadIconW
GetWindowTextW
CreateCursor
ChangeMenuW
DialogBoxParamA
MessageBoxExA
EqualRect
GetSubMenu
DialogBoxParamW
InSendMessage

Exports

Exports

?IDkjdkLUdojLKDUoduiduiuds@@YG_KKDEH@Z

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08301eff775fccce492e66b46ebd9892

Headers

File Characteristics

PDB Paths

Imports

gdi32

ntdll

kernel32

user32

Exports

Exports

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: - Virtual size: 136KB

.data Size: 38KB - Virtual size: 37KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: - Virtual size: 136KB

.data
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB