c22dd0b4f47b94fa8be0890b34c1655f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c22dd0b4f47b94fa8be0890b34c1655f_JaffaCakes118
Size

157KB
MD5

c22dd0b4f47b94fa8be0890b34c1655f
SHA1

7bd24a808b79cb0f80c70a6f0ed9c12a712bb548
SHA256

21df146615146eb36a94ff3345c5111f3df0cf23306d0ac15bbf555a0c13d262
SHA512

c0fd50d337857d1b907ad761ec7d9d63033efb8812689b9fed026c70d5bc91601674afc4598fa03fa3a786c1e8e0cdb6dee607251501377c22056cb973791aa2
SSDEEP

3072:rjNwHd65z8GOtURDDGD9FoqTjWoER9PEzS0yxPSVfNt2Dzf/Q:rBlzNO2Rm5TPuMQUfsr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c22dd0b4f47b94fa8be0890b34c1655f_JaffaCakes118

Files

c22dd0b4f47b94fa8be0890b34c1655f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c4758c21a1e7e8737ac6d0bdcfd53d33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\mXnbducw\yolgjpJm\bvDczkqr.pdb

Imports

user32

DestroyWindow
CharLowerBuffW
LoadIconW
GetDlgItem
GetKeyNameTextW
LoadIconA
IsWindow
WaitMessage
DestroyMenu
SetClassLongW
CharUpperA
GetSystemMetrics
FillRect

shlwapi

StrToIntW
UrlGetPartA

comdlg32

PrintDlgExW
FindTextW

kernel32

GetSystemTimeAsFileTime
GetWindowsDirectoryA
CreateFileMappingA
GetComputerNameW
SetWaitableTimer
lstrcmpA
IsDBCSLeadByteEx

gdi32

GetDeviceCaps
RestoreDC
RectInRegion
CreatePalette
ResizePalette
SetLayout

Exports

Exports

?g_rhetqcsfrf_nnboui@@YGEH@Z
?fhjpvOGZjm@@YGEPAMF@Z
?ke_esqjhip_bYDETCNZ@@YGFI@Z

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 50KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ