db4c0e39dbd525786b21afb5157da606_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db4c0e39dbd525786b21afb5157da606_JaffaCakes118
Size

140KB
MD5

db4c0e39dbd525786b21afb5157da606
SHA1

6e18a62c4c579435a61c573961e2e2587b5f0012
SHA256

dcc41da11886cc5a57002fc9b4f82f51b9d1bdda4cc0b4ea625791c2fb8b2785
SHA512

1fcb9a7f26e3e2e561d14be356c54172a3b976e0f1494f8327641093958b60f54ae938defe8873b663ec01b146f0f1f2cf54183cd09511319c7fc6b3c4f575b6
SSDEEP

3072:kyP+vUCmfCRWVzO6Pb8UvfxiFSfzpBzCe0J7P9iD+wqIfdEz3iU:hkiq4FO6jHhicNBzCe6PIDq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db4c0e39dbd525786b21afb5157da606_JaffaCakes118

Files

db4c0e39dbd525786b21afb5157da606_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7f65912239e74285c8fd9b741edb29a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\HouG\bObdry\DxqPO\lUWydv.pdb

Imports

shlwapi

StrToIntW
UrlGetPartA

gdi32

GetTextExtentPoint32A
GetCharWidth32W
CreateRectRgn
GetDeviceCaps
GetViewportOrgEx
RoundRect

kernel32

CreatePipe
GetFileType
VirtualProtect
FatalExit
lstrcmpA
VirtualFree
CreateThread
VerSetConditionMask

user32

GetMessageA
mouse_event
CharLowerBuffW
IsDialogMessageW
SetWindowLongA
SetDlgItemTextA
SetCaretPos
DefWindowProcW
DrawFrameControl
ArrangeIconicWindows
GetClassInfoA
IsRectEmpty
GetMenuStringA

Exports

Exports

?vjpyakXU_Y_RLa_z@@YGHPAG@Z
?_IVZ_K_gnby_vw__mYJ@@YGPAHPAIE@Z
?ml_y__o_b_xaoi_j@@YGPA_NPAHE@Z

Sections

.text
Size: 51KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ