d9f28647a4e66683324ede3ab1478e26_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d9f28647a4e66683324ede3ab1478e26_JaffaCakes118
Size

157KB
MD5

d9f28647a4e66683324ede3ab1478e26
SHA1

a4f4a20d194929828fc0a49fce0187f5e870ef86
SHA256

480808543c54ddc711adce3b0891a2f45dd30bf496ed301d4801c246d02492bc
SHA512

3560031a75d8798ccb9927b991d63afe7174c72e34abc126a31cc1a3dc5e57cf06b16df7341f4a811ef85656addacfdbd8bcb742efd20a4fe1158fa0704d0fd5
SSDEEP

3072:iKusnpkFepMn0WnbtObz16lATclHo8Xc11CecKRFP:geEeXbz16lAIs3Pz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9f28647a4e66683324ede3ab1478e26_JaffaCakes118

Files

d9f28647a4e66683324ede3ab1478e26_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e1be66df5af155fc00ac302aaf06e24b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\dePgE\CqgZ\rqaqaqqz\tMobrWme\BYftBam.pdb

Imports

shlwapi

StrCatBuffW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

user32

SetClassLongW
GetUserObjectInformationW
wsprintfW
SendMessageTimeoutW
GetClassInfoExA
GetMenuDefaultItem
DestroyCaret
VkKeyScanW
RemovePropA
OpenDesktopW
GetUserObjectInformationA
BringWindowToTop
DeleteMenu

kernel32

LeaveCriticalSection
lstrlenW
GlobalReAlloc
GlobalGetAtomNameA
FileTimeToDosDateTime
SetFileTime
TryEnterCriticalSection
GlobalLock
GetSystemDirectoryA
EnumResourceTypesA
SetThreadExecutionState
EnterCriticalSection
AddAtomA

gdi32

GetClipBox
DeleteObject
GetTextExtentPoint32W
PathToRegion
SetPaletteEntries
EnumFontFamiliesExW
SetTextAlign
RoundRect
CreateBitmap

comctl32

ImageList_Remove
ImageList_AddMasked

Exports

Exports

?uizhmtfJdpCUnx@@YGPADHK@Z
?DTjssbZbf@@YGII@Z
?kAqkmqw@@YGHPAD@Z

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1be66df5af155fc00ac302aaf06e24b

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comdlg32

user32

kernel32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.edata Size: 1024B - Virtual size: 1024B

.idata Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 273KB

.rsrc Size: 116KB - Virtual size: 116KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.edata
Size: 1024B - Virtual size: 1024B

.idata
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 273KB

.rsrc
Size: 116KB - Virtual size: 116KB

.reloc
Size: 4KB - Virtual size: 3KB