c236ca835a6a83fde9c98a887574857f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c236ca835a6a83fde9c98a887574857f_JaffaCakes118
Size

2.9MB
MD5

c236ca835a6a83fde9c98a887574857f
SHA1

08f92be55cb53335f8ca15c432484602228d251e
SHA256

2d026feb2e2f013a44987c63fb94803bf66ffa7d1e6bcfec483f84d005e414a0
SHA512

59ce7194a274f3302f05e5d90fb6d3cfc902b06d5bac354ae62cd956e9291aefd63af4d1153b1fae6c6b0ec8dde88644102d8669f3b04793ad0c480855981c4a
SSDEEP

49152:7pIR/XZ6cTD60l6esN1QEn+4feSOVZPz1qh0jfdjdiWvocx6E9fIdGk6o7yd7N:7pIRvpTD6O6DQEn/ferNz1Nt5B9fEpPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c236ca835a6a83fde9c98a887574857f_JaffaCakes118

Files

c236ca835a6a83fde9c98a887574857f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da87961e627b1586bbed671ef33b3ce3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\lzmgvpFq\xxomkJnyb\wogAXBo\ljPmXUcgbv.QcT

Imports

comctl32

CreatePropertySheetPageA
ImageList_Remove
CreateToolbarEx
ImageList_GetIconSize

gdi32

BitBlt
CreateFontIndirectA
CreatePolygonRgn
TranslateCharsetInfo
TextOutA
OffsetViewportOrgEx
Ellipse
IntersectClipRect

ole32

CoTaskMemAlloc
CoTaskMemFree

shlwapi

StrCatBuffW

user32

SetRect
SetMenuDefaultItem
DialogBoxIndirectParamA
MonitorFromRect
wsprintfW
RemovePropW
GetCaretPos
CreatePopupMenu
GetClassLongA
GetWindowTextW
DefFrameProcW
RegisterClassExA
ShowCursor

comdlg32

GetOpenFileNameW
PrintDlgW

kernel32

GetFileAttributesExA
GetAtomNameA
VerifyVersionInfoW
VirtualProtect
DeleteFileW
GlobalMemoryStatus
CreateMailslotW
FileTimeToDosDateTime
UnhandledExceptionFilter
CompareStringA
GetComputerNameExW
ClearCommBreak

Exports

Exports

?GnPRDgbbAl@@YGIDPAK@Z
LoviatqjluptseOnfbuxP
ItyXmlhknwfdrQsa
Qxjgqtc
_PwFnvpsnkzqw
BeIyysnIcgbehamjmw

Sections

.itext
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da87961e627b1586bbed671ef33b3ce3

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

ole32

shlwapi

user32

comdlg32

kernel32

Exports

Exports

Sections

.itext Size: 18KB - Virtual size: 17KB

.text Size: 5KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 7.2MB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.reloc Size: 3KB - Virtual size: 2KB

.itext
Size: 18KB - Virtual size: 17KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 7.2MB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

.reloc
Size: 3KB - Virtual size: 2KB