dd075ee0a7ff8bdec460e0b2f98e9502_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dd075ee0a7ff8bdec460e0b2f98e9502_JaffaCakes118
Size

186KB
MD5

dd075ee0a7ff8bdec460e0b2f98e9502
SHA1

00b1720a9b0346a4045595235c85ff1e16015646
SHA256

861936bb9f8c027c21b29a16daad71e263901883e48657779460fbc3ed3d4872
SHA512

0b81d58aaacd87dff4ccbb03d007769a954df48d16e7406b93b8004085eb49fba78f12cbabeaefd9691d3202d718c583b960b0554e8a0a97308a830be7c906de
SSDEEP

3072:fmcOBgTv9b6F7vLV+DgvFrzCy8AL83CFPyx+cDrDa4Y71XOk8p0Zlh:fmDBgTlgpdLdBNyx+MMpyI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd075ee0a7ff8bdec460e0b2f98e9502_JaffaCakes118

Files

dd075ee0a7ff8bdec460e0b2f98e9502_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d8b45eb6779f2bc97cfebf9cab56e3d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\gTzd\hlnZbO\oBVP\BUvE.pdb

Imports

ntdll

memset

comdlg32

GetOpenFileNameW
PrintDlgW

kernel32

QueryPerformanceCounter
GetStartupInfoW
lstrlenA
GetVersion
GetCurrentDirectoryW
GetConsoleWindow
FindResourceExA
lstrcmpA
WaitForDebugEvent
GetTickCount
FatalAppExitA
SetCurrentDirectoryW
GetCurrentProcessId

gdi32

CreateRectRgnIndirect
CreateDIBSection
SetLayout
CreateFontW
CreateDiscardableBitmap
GetObjectA

user32

PtInRect
GetTopWindow
CreateDialogParamA
TranslateAcceleratorW
RegisterWindowMessageW
DrawFocusRect
GetClassInfoExW
CreateIconFromResource
GetMessagePos
GetParent
TrackPopupMenuEx
IsDialogMessageA
TrackPopupMenu
IsCharAlphaA

shlwapi

StrTrimW
ChrCmpIA
StrToInt64ExA
PathGetDriveNumberW

Exports

Exports

?ivqd_kPapuj_n_@@YG_NM@Z
?fw_t_Hmpnhdy_fb@@YGXPAH@Z
?E_G_KZG_v_z___mreUURo@@YGXJG@Z
?odVEI_hSevhePija@@YGPAHJH@Z
?IBQjjeagpU_cx_VFYN_XW@@YGPAXI@Z
?GFEB_BWQPSJuMZ@@YGXE@Z
?JITWD_C_FHup_B@@YGPAMPAIM@Z
?HTJ_RIcz@@YGKPAN_N@Z
?WFYWGzj_@@YGDI@Z
?KWP_U_Q_ADQQ@@YGEPAH@Z
?_vICWY_@@YGXPAK@Z
?ia_o_r__@@YGKJH@Z
?__eioatvz_vsKDQH@@YGPAJE@Z
?rquc_dTzu___nn@@YG_NPAE@Z
?_oxceohfa_e@@YGFI@Z
?Cdzmdytvdgq@@YG_NJI@Z

Sections

.text
Size: 55KB - Virtual size: 427KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pacdat
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8b45eb6779f2bc97cfebf9cab56e3d5

Headers

File Characteristics

PDB Paths

Imports

ntdll

comdlg32

kernel32

gdi32

user32

shlwapi

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 427KB

.data Size: 41KB - Virtual size: 40KB

.rdata Size: 38KB - Virtual size: 38KB

.idat Size: 21KB - Virtual size: 21KB

.pacdat Size: 21KB - Virtual size: 21KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 55KB - Virtual size: 427KB

.data
Size: 41KB - Virtual size: 40KB

.rdata
Size: 38KB - Virtual size: 38KB

.idat
Size: 21KB - Virtual size: 21KB

.pacdat
Size: 21KB - Virtual size: 21KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 1KB