d3d979bc40fd3ff59dc652b13fee9b74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d3d979bc40fd3ff59dc652b13fee9b74_JaffaCakes118
Size

152KB
MD5

d3d979bc40fd3ff59dc652b13fee9b74
SHA1

ca782acf566c1bc662ff43913470f788242966f2
SHA256

492ee4ac536a7ee6e387c0c07ba6a08c5e108b845a00fd47f7a7f51ac4f9676d
SHA512

f042a6248b81511238150f929b0848a8eb86606472a2a6d6f4db5dd9434e3fd37fff59e57d4e929267e742898eba4e8a77fd0c4f52f20f82e040f40d17de0287
SSDEEP

3072:yWIF2r37jez93F9uJSfgKhRf4TSOr27hl7c7R5/udW:j68Lje93nT1RgTx27n47Xud

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3d979bc40fd3ff59dc652b13fee9b74_JaffaCakes118

Files

d3d979bc40fd3ff59dc652b13fee9b74_JaffaCakes118
.exe windows:5 windows x86 arch:x86

38b4adaed086755ff12ca1d9776d4fcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\ovIrnpwsa\OGnzhqXTty\knqfgyayglw\NqctmWmoqlw\fmDqmnsrQRed.pdb

Imports

user32

LoadImageW
IsCharAlphaA
CharPrevA
GetMessageTime
keybd_event
GetTopWindow
wsprintfW
GetDC
VkKeyScanW

kernel32

lstrcmpiW
FindResourceA
GetModuleHandleA
OpenFileMappingW
SetCommTimeouts
IsBadReadPtr
GetModuleFileNameA
GetUserDefaultUILanguage
lstrlenA
LoadResource

shlwapi

UrlIsOpaqueW
UrlGetLocationA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
tolower
_XcptFilter
_exit
_cexit
__setusermatherr
memset
__getmainargs

Exports

Exports

?TravelCheck@@YGK:O

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.$dsdir
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icar
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ecar
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ally
Size: 1024B - Virtual size: 565B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.carry
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38b4adaed086755ff12ca1d9776d4fcb

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 145KB - Virtual size: 144KB

.$dsdir Size: 512B - Virtual size: 117B

.icar Size: 1024B - Virtual size: 990B

.ecar Size: 512B - Virtual size: 84B

.ally Size: 1024B - Virtual size: 565B

.carry Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.ram Size: - Virtual size: 126KB

.text
Size: 145KB - Virtual size: 144KB

.$dsdir
Size: 512B - Virtual size: 117B

.icar
Size: 1024B - Virtual size: 990B

.ecar
Size: 512B - Virtual size: 84B

.ally
Size: 1024B - Virtual size: 565B

.carry
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.ram
Size: - Virtual size: 126KB