e035ce023b6d199b8b39cdc7f79b6a2f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e035ce023b6d199b8b39cdc7f79b6a2f_JaffaCakes118
Size

210KB
MD5

e035ce023b6d199b8b39cdc7f79b6a2f
SHA1

2c9c3b4f81e1c2bf30b6aa1eb0cbbdc209e58e3d
SHA256

a8db260f3f2649faddc7fffd71aedcdfbec8b85cf9bd8fe3846ec2c2c88727b4
SHA512

6b5df5508132fc40d921d43c5c7ca163ab700b0f2cf1dcf8621a5b58609e077533b63b5da3045f3f24ed287df59bd25d6acef970c2c1721479e9c53b6726148f
SSDEEP

6144:o/JdJ4swlsVQjH5vkGYjCmsQ/dxFat5CV3yJEm6:6wlPjZvkem3oYl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e035ce023b6d199b8b39cdc7f79b6a2f_JaffaCakes118

Files

e035ce023b6d199b8b39cdc7f79b6a2f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d95ed28cc24323939246c0f63f89feef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\dicKovwxqUS\nwvgBsxUNd\MNjcnntuKiNvcm.pdb

Imports

advapi32

IsWellKnownSid
CreateWellKnownSid

user32

SetWindowPos
GetDCEx
CheckRadioButton
CloseDesktop
FindWindowExW
PeekMessageA
SetRect
DrawTextW
CreateWindowExA
DestroyCaret
RemoveMenu
SetMenu
LoadCursorW
ScreenToClient
DrawIconEx
MapVirtualKeyW
SetSysColors
MapWindowPoints
SetDlgItemInt
GetDlgCtrlID
TranslateAcceleratorW
ChildWindowFromPoint
SetUserObjectInformationW
GetScrollPos
SetMenuItemBitmaps
InternalGetWindowText
GetDlgItemTextA
GetClassInfoW
GetCaretPos
EnableMenuItem
RemovePropW
TranslateMessage
PostThreadMessageA
IsDlgButtonChecked
AdjustWindowRectEx
SetCursor

kernel32

ConvertDefaultLocale
lstrcmpW
CompareStringA
lstrcatW
VirtualQuery
GlobalLock
QueryDosDeviceW
GetSystemDirectoryA
LocalAlloc
CreateRemoteThread
OpenSemaphoreW
CallNamedPipeW
IsBadStringPtrW
GetFileAttributesExA
LocalFree
GetUserDefaultUILanguage
ExitProcess
SizeofResource
GlobalAddAtomW
FindNextFileA

msvcrt

_controlfp
vswprintf
iswspace
__set_app_type
__p__fmode
__p__commode
strcspn
_amsg_exit
localtime
_initterm
_acmdln
strtoul
islower
putc
exit
_ismbblead
rand
_XcptFilter
wcsncmp
_exit
_cexit
iswprint
__setusermatherr
__getmainargs

gdi32

RestoreDC
CreateDIBSection
IntersectClipRect
GetTextExtentPointW
ResizePalette
DeleteObject
ScaleViewportExtEx
CreateFontIndirectA
SetDIBitsToDevice
GetBkMode
UnrealizeObject
EnumFontFamiliesExW
LineTo
GetSystemPaletteUse
SetTextAlign

Exports

Exports

?TryEnterCriticalSectionJKDJHLJHKDljfjhl@@YGKEPA_WG@Z

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.geo
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iod
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.top
Size: 512B - Virtual size: 463B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bott
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d95ed28cc24323939246c0f63f89feef

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

kernel32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 176KB

.geo Size: 512B - Virtual size: 28B

.iod Size: 2KB - Virtual size: 2KB

.dbg Size: 512B - Virtual size: 69B

.top Size: 512B - Virtual size: 463B

.bott Size: 512B - Virtual size: 140B

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 176KB - Virtual size: 176KB

.geo
Size: 512B - Virtual size: 28B

.iod
Size: 2KB - Virtual size: 2KB

.dbg
Size: 512B - Virtual size: 69B

.top
Size: 512B - Virtual size: 463B

.bott
Size: 512B - Virtual size: 140B

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 1KB