cffb929c2b2c942668ce74b7f62e8fab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cffb929c2b2c942668ce74b7f62e8fab_JaffaCakes118
Size

182KB
MD5

cffb929c2b2c942668ce74b7f62e8fab
SHA1

b2334aa936cca6ff0e3de8d960c61daa42fd422f
SHA256

d075ba1a254943b9797b763ecba56d06d69f3b0b6ce4b825ab422ab94a4e32ec
SHA512

81a9b614c07828827691ece264491680b412585a836e6664a0e25cb73d8a179576e826621641283492d9ad565f8dcd65a376f2fb24a3d499c3f5c11449f42e1f
SSDEEP

3072:HHybd1J2ke8vFVAF3rD1pTwgHTX5kCk9O2oPwsFsRWtNE7pM1Sdqz2TT5LQLZa1T:nybd1JpbOTwgHTG9cYmtNEYSKC0LZqkY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cffb929c2b2c942668ce74b7f62e8fab_JaffaCakes118

Files

cffb929c2b2c942668ce74b7f62e8fab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

75c9534322a368b8f52f9bb9053f4d20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\HviwdezCQvfy\pOjtujd\aojktPa.pdb

Imports

gdi32

SelectPalette
GetLayout
CreateBitmapIndirect
Rectangle
EnumFontFamiliesExW
LineTo
EnumFontsW
CreateHalftonePalette
CreateDCW
ScaleViewportExtEx
EnumFontFamiliesW
GetTextExtentPointW

comdlg32

GetFileTitleW
ChooseFontW

shlwapi

UrlGetPartW
StrToIntA
PathSearchAndQualifyA
ChrCmpIA
StrFormatByteSizeA

user32

SetDlgItemInt
UnloadKeyboardLayout
DispatchMessageW
SetWindowPlacement
GetTopWindow
ScrollWindow
GetFocus
SetSysColors
CharNextA
GetDlgItemInt
EnableScrollBar
LoadIconW
CallWindowProcA
GetWindow
GetNextDlgTabItem
CreateMenu
InternalGetWindowText
RedrawWindow
HideCaret
MoveWindow
SetMenuItemBitmaps
GetDC
DrawMenuBar
FrameRect
CheckMenuItem
IsMenu
CreateDialogParamA
DestroyCursor
WindowFromPoint

comctl32

ImageList_Read
CreateStatusWindowW
CreatePropertySheetPageA

msvcrt

exit

ntdll

memset

kernel32

GetExitCodeThread
GetFullPathNameW
lstrcmpiW
SizeofResource
GetTimeZoneInformation
VirtualProtect
CompareStringW
GetFileAttributesA
WaitForSingleObjectEx
lstrlenW
GetTimeFormatA
GetCurrentThreadId
FindFirstFileW
GlobalFree
SetPriorityClass
DefineDosDeviceW

Exports

Exports

?_IWDBBYSX_MMJev_G@@YGED@Z
?GMJ__QGAGXBJL@@YGXFH@Z
?__eylvackqcLTRE@@YGPAJNF@Z
?djey_lvNAJR_OB@@YGPADH@Z
?REH_ZRLD_EGUn_pztpZ@@YGXKPAH@Z
?pfjFL_VH__mc_@@YGPAE_NPAF@Z
?xwxRYHNQ_WOGKQ@@YG_NH@Z
?K_WRwplbh__BF_FURc@@YGMGH@Z
?so_icu_bomxyYJHSD@@YGIEE@Z
?cWJVICECWODHV_usz@@YGXDM@Z
?_hnX_GEQBRQPIRA@@YGJJ@Z
?g_grt_W_ETEZtmta@@YGXGK@Z
?XNl__ssrbA@@YGFNI@Z
?gs_es__d@@YGMF@Z
?kb_rDa_SM@@YGDM@Z
?ipX_LCT_snw_@@YGII@Z
?ltAp_jbN@@YGPAIFJ@Z
?zTYXKGYKEXYBI_KBSOHY_@@YGJII@Z
?_QHZMs_lwv_o_jwcvnop@@YGJF@Z
?ta_vsb_po@@YGFG@Z
?gc_axh_zj_w_byurxvexos@@YGXG@Z
?lo_HVRT_F_VHJ_j_co@@YGHDM@Z
?fdukc_lf@@YGPAIF@Z
?Mfz_yr_@@YGHPAJK@Z
?msquNPmn_vqYNoUa@@YGXPAI@Z
?vwdmhYYJT_UjRDUkcK_Y_@@YGJDPAG@Z
?DjqS_V___gai_kla__l@@YGKPAM@Z
?Q_Sm__yeRUukndQW@@YGPAKPAJ@Z
?OCfuoxf_xev_V_QNBm@@YGXPAKH@Z
?BZFkjvca_pwj__oe_a_@@YGIPA_N@Z
?apxfkttyfuf_@@YGXE@Z
?_QYqbZBVMNMVCVEE_Q@@YGFEPAK@Z
?AADJWS__KSKBqd_xsf_@@YGPA_NMM@Z
?xvggo_ajdSHWu_mhvj__m_@@YGMD_N@Z
?ZAVNYSSaSPFKvnYRPYOFI@@YGPAHPAD@Z
?BV_Gb_s@@YGPAMPAJ@Z
?CUZHT_Y__OXNllwbfzj_f@@YGHG@Z
?_TFAEQA___Unsf__gyJXL@@YGPAFH@Z
?p_Q_GC_kt___ac_ph__o@@YGKN@Z
?Dsl_yFNzYCrsilq_tnt@@YGIJ@Z
?d_h__bqkEQ@@YGPAXD@Z
?lgpo_es@@YGDHG@Z
?DYbf_vg_v@@YGEMK@Z
?_mkKZU_M_D__NILOJV_M@@YGPAKDPAE@Z
?axw_lr___c_ktpk_u_qb@@YGMGPAD@Z
?d_pyxhyQZTCO_G@@YGPADPAGPAE@Z
?aly_gaDLIK_n@@YGPAHJ@Z
?__d_csty@@YGGKG@Z
?_TBUM_va_mh_lt_i@@YGJD@Z
?i_jikXA_R_S_@@YGEPAF@Z
?cmzgsrPS@@YGXD@Z
?bzwnbypzr_GW__W@@YGEHPAD@Z
?HQ_NNA_K_OIDVL@@YGXJ@Z
?_XAR__NyaqlppBMZKUiov@@YGDPAI@Z
?cknaE_BQ_TGsrl_@@YGHD@Z
?_wt_ajlxbihN_GNN@@YGJME@Z
?zgpkkffzvgelki@@YGFFE@Z
?_EFL_X_JPWq___sCCJTOm@@YGDE@Z

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 497B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75c9534322a368b8f52f9bb9053f4d20

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

shlwapi

user32

comctl32

msvcrt

ntdll

kernel32

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 113KB

.data Size: 47KB - Virtual size: 291KB

.rdata Size: 512B - Virtual size: 497B

.idata Size: 16KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 114KB - Virtual size: 113KB

.data
Size: 47KB - Virtual size: 291KB

.rdata
Size: 512B - Virtual size: 497B

.idata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB