d3933fcfd495dca608fd5e04101c56e0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d3933fcfd495dca608fd5e04101c56e0_JaffaCakes118
Size

2.7MB
MD5

d3933fcfd495dca608fd5e04101c56e0
SHA1

71f4fe4b737d637bfb5b61a83d878a00d4305ec6
SHA256

eb467fd4afe4b71add47d97ac7675c641c99bbe56bc0c3417fea584e7164ac43
SHA512

94a26d1dd406d618d5e9a30afaf34ad634b2e6d3d9f5d535a5fc7a6b6bf7552694c1461b8517fe857c8376f5aacaec29923f2997c0ca4399608444354c9a22ce
SSDEEP

49152:U9AcvUqb2E6Gkabivvojbi4R2xjJrjcPuyL3fT6mO0Ah1x8KhFX5qWVRX2JSdVn/:Gpd6Gk+yvo92xRj8uyL3b6xd18Ex5qmR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3933fcfd495dca608fd5e04101c56e0_JaffaCakes118

Files

d3933fcfd495dca608fd5e04101c56e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1902acb2b163b21e1ce2ad38936eb599

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\leiGs\Gzfi\mbcsw\ojggoNu.pdb

Imports

comdlg32

FindTextW
PrintDlgExW
GetOpenFileNameW
ChooseFontW

gdi32

CreateDiscardableBitmap
RoundRect
SetDIBits
SetBkColor
MoveToEx
RectVisible
RemoveFontResourceW
SetBitmapDimensionEx

kernel32

GetTickCount
GetVersion
CloseHandle
WaitForMultipleObjects
ReleaseSemaphore
SetMailslotInfo
CreateRemoteThread
FindNextFileA
SetWaitableTimer
CreateSemaphoreW
WinExec
UnhandledExceptionFilter
LoadResource
SetStdHandle

user32

GetLastInputInfo
SetWindowTextA
PtInRect
LookupIconIdFromDirectory
SetUserObjectInformationW
SystemParametersInfoW
IsCharLowerW
CharUpperBuffA
GrayStringW
MapVirtualKeyW
IsCharAlphaNumericW
AllowSetForegroundWindow
InvalidateRect

shlwapi

PathFindExtensionA

comctl32

ImageList_Write
PropertySheetA

Exports

Exports

?rkqipTnJnZkzzQvRNsnrL@@YGMJF@Z
?wxLhJAIfhqU@@YGPAHJ@Z
?brYiDPsPyRigujEuEf@@YGEK@Z
?wgjdDorMSbIhrcFRQod@@YGMF_N@Z
?bJnsHhTwXSj@@YGPAMPAJE@Z
?KNTEhdc@@YGMPAG_N@Z
?ehfqctsycqrgrMgAtqyz@@YGPAIPAID@Z

Sections

.itext
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1902acb2b163b21e1ce2ad38936eb599

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

kernel32

user32

shlwapi

comctl32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 192B

.text Size: 17KB - Virtual size: 17KB

.data Size: 6KB - Virtual size: 6.9MB

.rsrc Size: 2.7MB - Virtual size: 2.7MB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 512B - Virtual size: 192B

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 6KB - Virtual size: 6.9MB

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

.reloc
Size: 2KB - Virtual size: 1KB