dfb6db50ad658b0940eeeaecf388a0e1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfb6db50ad658b0940eeeaecf388a0e1_JaffaCakes118
Size

134KB
MD5

dfb6db50ad658b0940eeeaecf388a0e1
SHA1

a492740ca93ce5f1391037395b6ca2dcbeb807d7
SHA256

8a671eb01aa51c1c287f5d91817841303ef59abe976a48d4d5a6b2009ce60d63
SHA512

b0d1cb3079cefab58388ac19a2f01ad917b9c70eb99f938df523c2e7c7947acf4193e54d6c8d37528fa2dbb57f9c352c3b9fcd1a3dc5d9772bd56cb29d78d393
SSDEEP

3072:OX2OUECT8BRjdqCg5CBn+hiQLSJRU3Vkry1LMeIUcd+q:SUECT81Z+hioSJ2arz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfb6db50ad658b0940eeeaecf388a0e1_JaffaCakes118

Files

dfb6db50ad658b0940eeeaecf388a0e1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6769f9b0e4a7c25516115d6ac11046d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\kbWtwuuHZkzqEe\WlrPciwCzReZ\nRwssUtu\surrOXlsosdJmk\yefQgfkyhyzuf.pdb

Imports

user32

IsCharUpperW
wsprintfW
KillTimer
GetForegroundWindow
IsCharUpperA
GetWindowDC
DefWindowProcA
InvertRect
PostMessageW
SetDlgItemTextA
FindWindowW

kernel32

CancelIo
LoadLibraryA
GetModuleHandleW
GetModuleFileNameA
lstrlenA
LoadLibraryExA
GetSystemDefaultUILanguage
GetBinaryTypeA
lstrcpyA
LoadLibraryW

gdi32

PolyBezier
BitBlt
LineTo
DPtoLP
CreateHatchBrush

msvcrt

_controlfp
__set_app_type
strlen
__p__fmode
wcstoul
islower
__p__commode
_amsg_exit
_initterm
_ismbblead
vsprintf
_XcptFilter
_exit
_cexit
__setusermatherr
__getmainargs

shlwapi

UrlEscapeA
ChrCmpIW

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyz
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE