dcbfc6df7de9baf7517cd8a8e398071f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcbfc6df7de9baf7517cd8a8e398071f_JaffaCakes118
Size

163KB
MD5

dcbfc6df7de9baf7517cd8a8e398071f
SHA1

05c51d35cd30f1f0533b6bbc2351706cdd7ab118
SHA256

f3f7fbdc0a40264e5f0df702f3dbc3eb2be8d6efc935de0f57aad26874c187c6
SHA512

e8c8c6671deffae437fa115add666cbc215f94617781d36fadd2eaeb5e8b8361dc3717ff1bdcc1edfb7c6f7231a6744d7d605552a9f6498707390266806c56c5
SSDEEP

3072:Ci/XJBxVGo/VrZ2TgZzhXl3iTi58lSeUF59ELRK8K2GgJ9+nz:Ci/Xjx7ppfWq8lGXELRU2GgGnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcbfc6df7de9baf7517cd8a8e398071f_JaffaCakes118

Files

dcbfc6df7de9baf7517cd8a8e398071f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3218a9147fa2de1038ed83b1943eaef0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\uuoxS\fwdwg\qykJF\DSjCXn\phpSecwv.pdb

Imports

shlwapi

StrSpnA

user32

RemovePropW
GetDialogBaseUnits
AppendMenuA
CreateIconFromResource
PtInRect
InSendMessage
DefWindowProcW
GetCaretBlinkTime
GetActiveWindow
CharPrevW
FindWindowA
wsprintfW

gdi32

GetObjectA
CreateFontIndirectW
SetLayout
CreateBitmapIndirect
SetRectRgn
GetMapMode
OffsetRgn
CreatePalette

kernel32

GetStringTypeW
VirtualQuery
VirtualFree
lstrcmpA
GetCommProperties
SetCurrentDirectoryA
GetCurrentDirectoryW
SetHandleCount
QueryPerformanceCounter
SetThreadExecutionState
CreateEventW
OpenFile
GetTickCount
SetupComm

Exports

Exports

?clqkquxpcnqQzovf@@YGXJ@Z
?mRjnmaPewrPgfwMqojsr@@YGFK@Z
?rJstotzxtyPwtAC@@YGHPAGD@Z
?ibfHqCqdMyUMdJjdXt@@YGNPAIF@Z
?SyvbPooemwokj@@YGPADIK@Z

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ