d9b5a35ee070e6e1c59b3ee6487213bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d9b5a35ee070e6e1c59b3ee6487213bd_JaffaCakes118
Size

150KB
MD5

d9b5a35ee070e6e1c59b3ee6487213bd
SHA1

d49c54ae4a42c93f49689952de93674773c34cb4
SHA256

2fd58f2ce3bd90c663d8491ebed221139b46aa027de4d7172f5bf2cb7134d5ee
SHA512

9568828cd6625e1397234121cff34c12cb492b2f330551fffc2ffb120898d11a83ef935dedc81eb2df09e255d6ded9506ea3232a83de5edc6c4a6ee5a8d34a35
SSDEEP

3072:fRWPc8RLCfyJCdTnwJpFpZdxXgmEmp6F6ji3vLrw+rodsVYBHhtL:fRAHywJpFbd9QmMF6NgYBHh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9b5a35ee070e6e1c59b3ee6487213bd_JaffaCakes118

Files

d9b5a35ee070e6e1c59b3ee6487213bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bcf77db840ef251b217bd27df31bcd7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\oaftAlz\dNbi\jaKyuXa.pdb

Imports

shlwapi

PathMakePrettyA
StrSpnA

gdi32

CreateFontIndirectA
GetRgnBox
AddFontResourceW
BitBlt
FillRgn
SetBkColor

comctl32

DestroyPropertySheetPage
ImageList_GetImageCount
ImageList_Remove

kernel32

CreateMailslotW
LockFile
SetThreadContext
GetCurrentProcessId
ExitProcess
GetFileAttributesW
GetFileAttributesExW
GetLocaleInfoA
LocalLock

user32

SetLastErrorEx
SetMenuDefaultItem
ScreenToClient
GetWindowLongW
SetCursor
SetWindowLongW
GetScrollPos
SetParent
CharUpperA
GetClassInfoW
GetWindowTextW
ShowOwnedPopups
InSendMessageEx

Exports

Exports

?qklzbaueljhSTTPRAODSE@@YGXG@Z
?l_eNyqekeQ_YJ_TT@@YGHH@Z
?_qhssqigpcfqh__sxvw_i@@YGXPA_NE@Z
?DC__AKBvvpiyRJZ@@YGPAEM@Z
?LOPB_K___dy_sci@@YGPAEPAJ@Z
?_DYRUKFCXR@@YGJPAFPAK@Z
?_y_UAk_hr_GYULFX_KA@@YG_NPAJ@Z
?SIg_ikwkGCH_VO__c@@YGDPAG@Z
?__WI_ZKxxh_ad@@YGPAFJPAI@Z
?MLUT_YEY_@@YGGPAKPAE@Z
?_JBVN_OMD@@YGPAEPAK@Z
?__veWKJZMt@@YGJPAII@Z
?W_PMoiFDKMSD_ERGE@@YGXPAIE@Z
?PS_QDllxst@@YGJPAI@Z
?_XHRF_aH_GHTGU_m_rlti@@YGPAXJ@Z

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcf77db840ef251b217bd27df31bcd7e

Headers

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

comctl32

kernel32

user32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.data Size: 5KB - Virtual size: 337KB

.rdata Size: 40KB - Virtual size: 39KB

.pdata Size: 48KB - Virtual size: 47KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 51KB - Virtual size: 51KB

.data
Size: 5KB - Virtual size: 337KB

.rdata
Size: 40KB - Virtual size: 39KB

.pdata
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB