d5388a5be389867143af678cf69f0231_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5388a5be389867143af678cf69f0231_JaffaCakes118
Size

213KB
MD5

d5388a5be389867143af678cf69f0231
SHA1

e887e9907ae3658fca10d2c8d3bac6580dcec091
SHA256

9924979549f212f1c573571b2fd912b13a8a65841773f5060cf7deb3f8a84419
SHA512

2378bdbd4241572a06e6d9e2f46a139b0a8fa82a0c027a562538b5c7a648a25c47856085abc96eb8ae8f3b95095f8dc424f975f33042ba61afc9760d873d7068
SSDEEP

3072:Te33mjZsjAxO+KPOlfd7tTmkT8gX9fNXy6MxMYRacXouZ7CD6xFm7H9d9vNeUVpM:TSkTdhlfYMYrPqz9vNnrwm3YDm9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5388a5be389867143af678cf69f0231_JaffaCakes118

Files

d5388a5be389867143af678cf69f0231_JaffaCakes118
.exe windows:5 windows x86 arch:x86

27f19af9d108f81129df2c8100bfb0d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\vuodyDBc\tdrKFiwe\yPyBrfsqF\hzdtBgTVfpfeef.pdb

Imports

msvcrt

mktime
_controlfp
__set_app_type
__p__fmode
vsprintf
__p__commode
setvbuf
_amsg_exit
strtol
atol
_initterm
_acmdln
exit
strcoll
_ismbblead
wcsrchr
tolower
_XcptFilter
_exit
strncmp
_cexit
wcscmp
__setusermatherr
__getmainargs

user32

GetDCEx
CharUpperBuffA
CharLowerBuffW
GetKeyState
LockWindowUpdate
CopyRect
GetMenuItemID
DialogBoxIndirectParamA
ShowScrollBar
SetScrollInfo
SetWindowRgn
TranslateMessage
LoadBitmapW
CharNextExA
CheckDlgButton
LoadImageW
GetMenuItemRect
SetForegroundWindow
CharUpperA
IsCharAlphaNumericW
wsprintfW
GetSubMenu
IsCharAlphaW
GetSysColor
DestroyCaret
VkKeyScanA
GetNextDlgTabItem
GetClassInfoExW
IsRectEmpty
UnloadKeyboardLayout
GetMenu
MoveWindow
SetScrollPos
GetWindow
SetMenuDefaultItem
MapWindowPoints

kernel32

lstrcatW
GlobalGetAtomNameA
SetWaitableTimer
GetLocaleInfoW
VirtualFree
SetHandleInformation
GetComputerNameW
SetThreadAffinityMask
IsBadStringPtrA
GetCommState
GetFileAttributesA
GetThreadContext
FreeLibrary
HeapFree
GetSystemDirectoryA
SetCommTimeouts
GlobalGetAtomNameW
HeapWalk

gdi32

CreateDIBitmap
CreateCompatibleBitmap
SelectObject
BeginPath
ExtTextOutA
CreateBrushIndirect
GetDIBColorTable
GetTextExtentPointW
RemoveFontResourceW
GetCurrentObject
CreateFontW
GetTextFaceW
CloseFigure
GetObjectW
StretchDIBits
SaveDC

Exports

Exports

?InitializeCriticalSectionAndSpinCountHDhdhHGHdhds@@YGKEPA_WG@Z

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.diag_y
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_x
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.div
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.plus
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minus
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27f19af9d108f81129df2c8100bfb0d3

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 170KB - Virtual size: 169KB

.data Size: 2KB - Virtual size: 1KB

.diag_y Size: 512B - Virtual size: 74B

.diag_x Size: 512B - Virtual size: 28B

.idat Size: 512B - Virtual size: 392B

.div Size: 2KB - Virtual size: 1KB

.plus Size: 1024B - Virtual size: 681B

.minus Size: 512B - Virtual size: 140B

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 170KB - Virtual size: 169KB

.data
Size: 2KB - Virtual size: 1KB

.diag_y
Size: 512B - Virtual size: 74B

.diag_x
Size: 512B - Virtual size: 28B

.idat
Size: 512B - Virtual size: 392B

.div
Size: 2KB - Virtual size: 1KB

.plus
Size: 1024B - Virtual size: 681B

.minus
Size: 512B - Virtual size: 140B

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 2KB - Virtual size: 2KB