dbf07497a5e7bda70812e1761d610576_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbf07497a5e7bda70812e1761d610576_JaffaCakes118
Size

192KB
MD5

dbf07497a5e7bda70812e1761d610576
SHA1

754bb1f00a9a50ac9d135021d8ac5d20b21eecce
SHA256

ff2e2f74697db76e359e666642b5194e1afe161eaaec9fa78bbbba567c6d40a3
SHA512

30fe4f257c81a45f8476d60a91ae9f7d3e9e80de6690591ae03768410991a7a4a23db9b617f20aa584bb12e5dee5895b06bffa97e84de6984de51bf2f1fcd0e5
SSDEEP

3072:g0Y5vTVR0bCMs3AHRX008VJ48cozsWpE/zWoLFrmAC83RGe3tJB0Qx6wZuxcrBR9:g00qJ8kC7S/SoLFjjbVrBZ8yBH7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbf07497a5e7bda70812e1761d610576_JaffaCakes118

Files

dbf07497a5e7bda70812e1761d610576_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33ef8831be42475c848e79627b7f8d6c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

unpack.pdb

Imports

kernel32

ReadFile
WriteFile
CloseHandle
FlushFileBuffers
SetFilePointer
lstrlenA
lstrlenW
lstrcmpW
WideCharToMultiByte
GetLastError
CreateDirectoryW
FindClose
FindNextFileW
MultiByteToWideChar
GetFileAttributesW
GetTempPathW
GetModuleFileNameW
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FindFirstFileW
CreateFileW
GetStartupInfoA

user32

SendMessageW
GetDesktopWindow
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
CharNextA
DialogBoxParamW
GetDlgItem
EndDialog
GetWindowRect
GetDC
ReleaseDC
SetWindowPos
LoadStringW
LoadCursorW
SetCursor
wsprintfW
MessageBeep
MessageBoxW
PostQuitMessage

gdi32

GetDeviceCaps

shell32

SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW

msvcrt

_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
malloc
free
wcsncat
wcslen
wcsncpy
_errno
wcsrchr
_c_exit
_exit
_XcptFilter
_ismbblead

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PACK
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

33ef8831be42475c848e79627b7f8d6c

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

msvcrt

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 8KB - Virtual size: 8KB

PACK Size: 144KB - Virtual size: 380KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 8KB - Virtual size: 8KB

PACK
Size: 144KB - Virtual size: 380KB