dfa389aecef2e4b1cb0c6bd31083d749_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dfa389aecef2e4b1cb0c6bd31083d749_JaffaCakes118
Size

121KB
MD5

dfa389aecef2e4b1cb0c6bd31083d749
SHA1

6e0c819ee3a067117022ff87cf52d84f9a6c11c2
SHA256

33e36e263e8cd969aefeb8d86774ad778290ad0a7861dfc305b01537cad4a41d
SHA512

f98a94380098785b65c5f7fe3c830a456290f10cc511a0cf2dce0d04415fb3245af8a8f41cd796ab1a8657a0bd3ac7b60c4d8167c3bc25b41e0a2835196670e4
SSDEEP

3072:IMxkNIcBPw+fo5BwhUqVR0Hc82YwAv6m4SXmn/R:IMx47VHfQBtqVi97vdw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfa389aecef2e4b1cb0c6bd31083d749_JaffaCakes118

Files

dfa389aecef2e4b1cb0c6bd31083d749_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fe5791ea6bdf96a55fbdeb0d8415f995

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\awyvXntLz\nuitNxv\nmIPWYre.pdb

Imports

shell32

ord3
ord9
ord176

kernel32

SetThreadPriority
LocalLock
GetFullPathNameA
GetLastError
GetSystemTimeAdjustment
lstrcpynA
LoadLibraryExW
GlobalUnlock
SetWaitableTimer
SetUnhandledExceptionFilter
FindResourceW
CreateFileW
LCMapStringA
OpenSemaphoreW
FindFirstChangeNotificationW
HeapReAlloc
GetFileAttributesExW
WriteFile
EnumResourceNamesA
ResumeThread
ConvertDefaultLocale
GetAtomNameW
SetSystemTime
SetThreadAffinityMask
SetFileAttributesA
ClearCommError
SetHandleCount
RegisterWaitForSingleObject
SetFilePointer
PulseEvent
FileTimeToSystemTime
TlsSetValue
LocalFree
GlobalMemoryStatus
CreateRemoteThread
GetDateFormatW
GetSystemInfo
SetCommMask
GetModuleFileNameA
FormatMessageW
CompareStringA
GetVersion
lstrcpyA
RtlUnwind
GetAtomNameA
SetCurrentDirectoryA
GetCommandLineW
DisconnectNamedPipe
EnumSystemLocalesA
FreeLibrary
GetSystemTime
GetACP
IsValidLocale
GetFullPathNameW
AreFileApisANSI
GetLocalTime
GetSystemDefaultUILanguage
HeapUnlock
TransactNamedPipe
GetTimeFormatA
lstrcmpW
GetNumberFormatA
GetStdHandle
MoveFileW
GetCurrentThreadId
LocalUnlock
GlobalHandle
CopyFileW
CreateMailslotW
FormatMessageA
GetBinaryTypeA
WaitForSingleObjectEx
GetFileSize
HeapWalk
SizeofResource
HeapValidate
SetThreadLocale
HeapLock
MultiByteToWideChar
SetThreadContext
SetErrorMode
SetPriorityClass
SetThreadExecutionState
ReadFile
FindResourceExW
GetOverlappedResult
LocalSize
SetNamedPipeHandleState
GlobalSize
GetHandleInformation
GetThreadContext
CreateThread
GetLocaleInfoA
GetComputerNameExA
GlobalReAlloc
DuplicateHandle
FoldStringW
GetNumberFormatW
InitializeCriticalSection
SearchPathW
FindNextChangeNotification
DeviceIoControl
CallNamedPipeW
GetProcAddress
CreatePipe
GetSystemWindowsDirectoryA
GetWindowsDirectoryA
GetTempFileNameW
TerminateThread
GetCommState
GetSystemTimeAsFileTime
VirtualFree
OpenEventW
DeleteFileA
SearchPathA
IsBadCodePtr
FindClose
LoadLibraryW
OpenFile
lstrcpynW
LoadResource
DefineDosDeviceW
ConnectNamedPipe
lstrcmpiA
GetComputerNameW
UnlockFile
LocalReAlloc
lstrcmpA
LoadLibraryA
AddAtomW
GetSystemWindowsDirectoryW
SetHandleInformation
lstrcmpiW
EnumResourceNamesW
CreateNamedPipeA
GlobalGetAtomNameW
SetSystemTimeAdjustment
EnumResourceLanguagesA
CompareFileTime
RemoveDirectoryA
HeapCreate
IsBadReadPtr
SetCommBreak
GetCommConfig
GetModuleHandleA
UnmapViewOfFile
GetCommProperties
DeleteAtom
WaitCommEvent
IsDBCSLeadByte
HeapFree
GetFileAttributesA

Exports

Exports

?LoadBitmapAJUHdjhkddjkfguKHJ@@YGKPA_WK@Z

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_v
Size: - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe5791ea6bdf96a55fbdeb0d8415f995

Headers

File Characteristics

PDB Paths

Imports

shell32

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.itext Size: 4KB - Virtual size: 4KB

.rdata Size: 1024B - Virtual size: 588B

.data Size: 2KB - Virtual size: 1KB

.data_v Size: - Virtual size: 89KB

.rsrc Size: 68KB - Virtual size: 67KB

.text
Size: 44KB - Virtual size: 44KB

.itext
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 588B

.data
Size: 2KB - Virtual size: 1KB

.data_v
Size: - Virtual size: 89KB

.rsrc
Size: 68KB - Virtual size: 67KB