d3c716c2d130c70cfb7016509abe9c9c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3c716c2d130c70cfb7016509abe9c9c_JaffaCakes118
Size

284KB
MD5

d3c716c2d130c70cfb7016509abe9c9c
SHA1

f70f6625a4d52ed761b451b9e3cef9369cd8790c
SHA256

c74d2d6de32c5b364ebf2a4cd2ee21e1b60f08bac9757ae1f3334663e1f410e8
SHA512

26e9637e8152450e2bd295aebb626f55424d390f77c199cb724d6f50afd8322d8e0c50a55fed82189716339ddbcfa4b95bc18907bae3a07bda97484f3896940b
SSDEEP

6144:NIXcqt2MMTW/MPwlZ50uApHF3TRsUzUq4aMxm450+26UurF:KMbXTVwlZOuAhFTRtgzxxW+26Uux

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3c716c2d130c70cfb7016509abe9c9c_JaffaCakes118

Files

d3c716c2d130c70cfb7016509abe9c9c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9420c8c4debdda0190307ad7447f9486

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\wRkulfojwegRhr\ordxfgwi\hoddTTavKehNt.pdb

Imports

shlwapi

ChrCmpIW
UrlEscapeA

user32

CharUpperW
CheckMenuRadioItem
DefFrameProcW
GetWindowDC
wvsprintfW
wsprintfW
wsprintfA
GetDlgItem
IsCharUpperW

gdi32

UnrealizeObject
SelectObject
TextOutW
CreateCompatibleDC
SetDIBitsToDevice
SetTextAlign

msvcrt

_controlfp
ftell
__set_app_type
__p__fmode
__p__commode
wcspbrk
_amsg_exit
_wtoi64
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs
strpbrk
memset

kernel32

lstrcpyA
GetFileAttributesW
TlsSetValue
LoadLibraryExW
LockFile
GetModuleHandleA
GetModuleFileNameA
GetSystemTimeAdjustment
GlobalAlloc
GlobalUnlock
LoadLibraryA
lstrlenA

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.return
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 256KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE