bfed3a3363040122bc12ce88f3f823c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bfed3a3363040122bc12ce88f3f823c0_JaffaCakes118
Size

170KB
MD5

bfed3a3363040122bc12ce88f3f823c0
SHA1

3167f6927e64940f661e0774634b4701b7ba23be
SHA256

7a3d48fce40e4e33f62d6a7d98c798652bbcfb028388da1f57d1edb8aaf00d40
SHA512

c0af82e1667a914184c7423357dd286a45ac06c9edbd3d41e0993be132cf2bdbfc1494212ad769410957840ad0398d930e20f6079df601e60681c0e32b991f0f
SSDEEP

3072:Bm2gr52LvahZOjkZkUUK3UzMhP/675ykyFrs/mUMtVONqkvfhYW8:Bm94vEZwkZOKAMhQ5sFrs/Usq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfed3a3363040122bc12ce88f3f823c0_JaffaCakes118

Files

bfed3a3363040122bc12ce88f3f823c0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a8bdd99769d1c7c532cb6f6c05d938b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\mYZnDSv\oZquc\RudXjjk.pdb

Imports

gdi32

ExtTextOutA
GetClipBox
WidenPath
GetStockObject
GetSystemPaletteEntries
SetStretchBltMode
PolyBezier
CreateHatchBrush

user32

GetScrollRange
MapVirtualKeyExW
SetLastErrorEx
CharUpperBuffW
GetWindowLongA
WindowFromDC
InSendMessage
LoadIconA
GetMenuItemRect
wvsprintfA
LoadMenuA
CreateIconIndirect

comdlg32

GetSaveFileNameA
ChooseFontW
CommDlgExtendedError
ChooseColorW

comctl32

PropertySheetA
ImageList_Write
ImageList_GetIcon
DestroyPropertySheetPage

ntdll

_aullrem

kernel32

lstrcmpW
FindResourceExW
GetProcAddress
OpenSemaphoreW
CopyFileA
HeapUnlock
lstrlenW
GetModuleHandleW
GlobalFlags
DefineDosDeviceW
SetCurrentDirectoryA
GetPriorityClass
CreateRemoteThread

Exports

Exports

?rlrzepoLwyzxwXlXw@@YGIGF@Z
?kclbvfpbMfWbkkrnwfnc@@YGFG@Z
?dwhzdLerQXzsdMrafgVga@@YGKPAIG@Z
?qyqbhxz@@YGPAD_N@Z
?nZqFmlwfdvOgRFWDa@@YGPAHH@Z
?xwmisjY@@YGIEPAE@Z
?SkFTorljvF@@YGPA_NPAM@Z

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8bdd99769d1c7c532cb6f6c05d938b3

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comdlg32

comctl32

ntdll

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 141KB - Virtual size: 217KB

.crt Size: 3KB - Virtual size: 3KB

.edata Size: 2KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 141KB - Virtual size: 217KB

.crt
Size: 3KB - Virtual size: 3KB

.edata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 2KB