d608cea2d276c7eb12a3a6ba70797c3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d608cea2d276c7eb12a3a6ba70797c3a_JaffaCakes118
Size

174KB
MD5

d608cea2d276c7eb12a3a6ba70797c3a
SHA1

bf73eae2f641c2941acaca340bba5783883d7097
SHA256

303f395a08c0361b2057a206d843e565136c64dbdb3268f8fb643f72dd994f5a
SHA512

399c2d59590f87e044d8ebc54c3c0a0bb882de431a4be5ce8104482553e6c6958e78285eed68e85cf4c7798835feca29145c403e71ed3688323f3e257e25eaf5
SSDEEP

3072:W0s00T8hBb3NIGbVcnk4TGIS1nvxONJdvdxUHe8kroN7TbLFh6Pqg1EDvoDU:jszT8X7bcZ1SRxOhMeJO7XLbwqKEDvoY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d608cea2d276c7eb12a3a6ba70797c3a_JaffaCakes118

Files

d608cea2d276c7eb12a3a6ba70797c3a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

036c22ff8ed717f15da250823215d3dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\vkwTMxv\EeufpftpCnDtZ\YifFWbusYlY\Duhapdi.pdb

Imports

shlwapi

UrlEscapeA
ChrCmpIW

user32

SetDlgItemTextW
GetMenuItemRect
ShowScrollBar
PostMessageA
RemoveMenu
GetPropW
LoadImageA
GetForegroundWindow
KillTimer
LoadIconW
TranslateMessage
SendMessageW
wsprintfW
MapDialogRect
DestroyMenu
IsCharAlphaW
IsCharUpperW
GetWindowDC
IsMenu

gdi32

CreateBitmapIndirect
RealizePalette
RestoreDC
RectInRegion
CreateSolidBrush
SetBitmapDimensionEx

kernel32

GetModuleFileNameA
LoadLibraryA
lstrlenA
LoadLibraryExA
QueryPerformanceCounter
lstrcpyA
LoadLibraryW
GetDateFormatW
LockResource
IsDBCSLeadByte
GetModuleHandleW
GetFileAttributesExW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
bsearch
_initterm
_ismbblead
_XcptFilter
_exit
strlen
_cexit
realloc
isdigit
__setusermatherr
__getmainargs

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyz
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 143KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE