d3348c43547124aa35b61a091756d676_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3348c43547124aa35b61a091756d676_JaffaCakes118
Size

35KB
MD5

d3348c43547124aa35b61a091756d676
SHA1

ae3e6d92a2ee5d4a47c7c0b7920bf548955f0f1a
SHA256

f6bb52e30df86808bac9f42e9b80c7cdf87bd4d58967a9a08be1927a20d139fa
SHA512

7387d2ddc96c1db397d94d38040bf2113cf8c89ce910b243d476d1dfa116051dcc977947ad91a2b68c2b5ee35cabc74c5583c0a892ef3625f43119dfe5ea4ce5
SSDEEP

768:4Hn7Y6R2w5SPsb494JDwe31KGrueFa2HJY+Tj:4b/R2eSkb46hw01DrueDJTTj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Info.Doc__________________________________________________________________.exe

Files

d3348c43547124aa35b61a091756d676_JaffaCakes118
.zip
Info.Doc__________________________________________________________________.exe
.exe windows:5 windows x86 arch:x86

486bd18d7c93179b6131c4d082a8f394

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\XFajllyx\JkeZgd\PyncCY\eqwhnqG.pdb

Imports

comctl32

ImageList_GetImageCount
DestroyPropertySheetPage
ImageList_Write
CreatePropertySheetPageA
ImageList_GetIconSize

gdi32

StretchDIBits
GetNearestPaletteIndex
TranslateCharsetInfo
PatBlt
PtVisible
GetBkMode
SelectPalette
EnumFontFamiliesExW
EnumFontFamiliesW
ScaleWindowExtEx
CreateHalftonePalette
SetMapMode

kernel32

SuspendThread
SetFilePointer
IsValidLanguageGroup
WaitForSingleObject
GlobalLock
GetComputerNameExA
lstrcatA
SetCommMask
GlobalHandle
lstrcpynW
GetFileType
SetSystemTimeAdjustment
SetWaitableTimer
lstrlenW
MapViewOfFile
CreateWaitableTimerW
lstrcmpiW
GetDateFormatA

shlwapi

StrSpnA
UrlUnescapeA
PathMakePrettyW

user32

GetWindowPlacement
TranslateMessage
RegisterClassA
GetAsyncKeyState
IsWindow
CharUpperW
SetSysColors
LoadBitmapA
IsDialogMessageW
EnumThreadWindows
RemoveMenu
DrawTextW
CharUpperA
GetClassLongA
ShowOwnedPopups
SetMenuItemInfoW
SetActiveWindow
GetDlgCtrlID
SetDlgItemTextA
DrawMenuBar
IsDialogMessageA
LoadAcceleratorsA
LoadAcceleratorsW
GetClassLongW
GetMenuStringA
DialogBoxParamA
GetMonitorInfoW
IsZoomed
MessageBoxExA

Exports

Exports

?sqg_bfskj@@YGXFG@Z
?dPY_CS_DT_gowcB_Q@@YGPADJJ@Z
?ddorWxycV@@YGPAJF@Z
?GC_C__Zqy_ir_EAMZ@@YGPAHPAJ@Z
?r__SFFNV@@YGPAHG@Z
?l_vk_aaBxnrTK_U@@YGPANHE@Z
?II_XNvjugx_pgctuY@@YGFGD@Z
?lRZ__NFMpkc_ndodw@@YGEI@Z

Sections

.text
Size: 28KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 1024B - Virtual size: 855B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

486bd18d7c93179b6131c4d082a8f394

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

kernel32

shlwapi

user32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 64KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 12KB

.xdata Size: 1024B - Virtual size: 855B

.rsrc Size: 9KB - Virtual size: 12KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 64KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 12KB

.xdata
Size: 1024B - Virtual size: 855B

.rsrc
Size: 9KB - Virtual size: 12KB

.reloc
Size: 2KB - Virtual size: 1KB