eb4158ea764430c4899ac6e16a139907_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb4158ea764430c4899ac6e16a139907_JaffaCakes118
Size

213KB
MD5

eb4158ea764430c4899ac6e16a139907
SHA1

68086d51748ccbecbf7ac39617f9dbb7d8a78fc1
SHA256

2594b4781120e5f718526aec528eb31a997931dbd91ebd2bd977176cd5b4dc13
SHA512

f92462529e4d2ae99fc452ee22aec9251a50aeeb94b7da52304d28c9a49ebe853acdeeca02cd5061ce778369bb284cc0aff788fe6e6ff834a63eb3131317f890
SSDEEP

3072:+qfPH1FD9BaBwPkBTqCeNoCnTT4zVfHsafB+G8R9GP7v0O75jmrn8k/SNMEki4gG:fX9BwxB+Qr9saA+D1Fm8yDDvnJDtL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb4158ea764430c4899ac6e16a139907_JaffaCakes118

Files

eb4158ea764430c4899ac6e16a139907_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d24cf10a3edbef5e35f9e33e1ddbdd0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\vyQsad\Xfcxdyr\yhbk\AZllbz\hlpixi.pdb

Imports

user32

GetDlgCtrlID
GetTopWindow
GetWindowPlacement
KillTimer
SetCursor
GetLastActivePopup
SetMenuItemInfoW
IsMenu
DeleteMenu
SetFocus
CharUpperBuffA
EqualRect
IsDlgButtonChecked
AllowSetForegroundWindow
SetClassLongW
GetKeyboardType
ShowWindow
FillRect
IsIconic
ChildWindowFromPoint
GetClassInfoW
GetClassNameW
ReplyMessage
DialogBoxParamW
GetIconInfo
HideCaret
DrawMenuBar
DispatchMessageW

ole32

CoInitializeEx
CoUninitialize

kernel32

GetVersion
SetCommTimeouts
GetComputerNameA
DeviceIoControl
GetUserDefaultLCID
ReleaseSemaphore
GetStartupInfoW
GetVersionExA
GetSystemTimeAdjustment
SetThreadAffinityMask
WaitForMultipleObjects
GetWindowsDirectoryA
LocalFree
CreateDirectoryA

gdi32

GetSystemPaletteUse
CreatePenIndirect
SetBkMode
FillRgn
Rectangle
ResizePalette
GetTextMetricsW
OffsetRgn
SetBitmapBits
CreateFontW
BitBlt
CreateFontA
RealizePalette

Exports

Exports

?C_PYOHg_g@@YGPAMGF@Z
?XKUX_J_T_Lp@@YGPAXPANPAK@Z
?QVLAYWWB@@YGPAMF@Z
?_CROEYDSrseVfh@@YGFJH@Z
?LE_ZCbeMHKTCBCWGK__O@@YGMPADJ@Z
?FGr__jqkc_vc@@YGHD@Z
?vvupyPOEVLpqybQ_ON@@YGFE@Z
?upu__O_sW@@YGPADG@Z

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d24cf10a3edbef5e35f9e33e1ddbdd0f

Headers

File Characteristics

PDB Paths

Imports

user32

ole32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 33KB - Virtual size: 32KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 33KB - Virtual size: 193KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 33KB - Virtual size: 32KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 33KB - Virtual size: 193KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB