bf47fba33d17a478919747a8103b76fa_JaffaCakes118

General

Target

bf47fba33d17a478919747a8103b76fa_JaffaCakes118
Size

189KB
MD5

bf47fba33d17a478919747a8103b76fa
SHA1

3e9283d1e5f539e1d9d4687ea62d81c94fc8a5d4
SHA256

3f4cce21e459ddcaf2be53330baf48bc88edce900308417beafb92539ef4410e
SHA512

82a2ecd4f4814e40577ef236e6043bdece83db258ecc7bd00701be879c0d1eb4e980b62a1b6ab1ac9fba7b4254d24979336aae96715700361257e9b162bae440
SSDEEP

3072:GSsDaQQd7J0jpllI9kYuAnuSyKwohemcaJP4JHu6RL3ufpUvQ1Mi6:vsDm7JY1AuancF5u6lex1Mn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf47fba33d17a478919747a8103b76fa_JaffaCakes118

Files

bf47fba33d17a478919747a8103b76fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

634be65d0ca056a8f84636d331d2278a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\wwAqzi\zgtvssgq\vedhFTu\moPwgmnv\ZQLzp.pdb

Imports

user32

DispatchMessageA
MapVirtualKeyExA
GetClassInfoExW
AdjustWindowRectEx
GetForegroundWindow
LoadImageA
AllowSetForegroundWindow
GetCursorPos
GetMenuState
VkKeyScanW
GetKeyState
CreateDialogParamA
GetFocus
GetCaretBlinkTime

shlwapi

ChrCmpIW
PathRemoveArgsW

kernel32

GetVersion
SetCommBreak
GetLastError
CreateEventW
SystemTimeToFileTime
lstrcmpW
LoadResource
OutputDebugStringA
WaitForSingleObject
GetThreadPriority
FindCloseChangeNotification
OpenMutexA

ntdll

_vsnprintf

gdi32

CreateDCW
GetViewportOrgEx
SetDIBits
Rectangle
DeleteDC
GetTextExtentPoint32A
UnrealizeObject

Exports

Exports

?amtOlIDCGQUMA@@YGPAEPAN_N@Z
?acaKUxebYhy@@YGHPAK@Z
?kcaaqUieUhAtBwcd@@YGPAKMJ@Z
?zuAcxtlsajmfNuMks@@YGXDG@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

634be65d0ca056a8f84636d331d2278a

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

kernel32

ntdll

gdi32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 512B

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 107KB - Virtual size: 175KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.itext
Size: 512B - Virtual size: 512B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 107KB - Virtual size: 175KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB