f576f66311f63222392d3d6b383df09b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f576f66311f63222392d3d6b383df09b_JaffaCakes118
Size

220KB
MD5

f576f66311f63222392d3d6b383df09b
SHA1

c56c17f178dac1a16cbbae6bd15207d8fca127f0
SHA256

544d87b24ba3052f90939f8a02136871bd9b4d944faccb7fd4d0b006d1970199
SHA512

1beb8023bd40b6067da84cab5470c75340ec000a1f385f08a34609da793a33d76579f6af73d4a343e5274545a6203e795610d73f4798987dd29b318dd244e952
SSDEEP

3072:wXNCPd+ma7GrqhueJXkSnbRO4jim/aF+rSYgYI9t+dWQsBSTBXF49FPkZ4ZMc:Ng36u7JXhbIt5/9t/FSqF8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f576f66311f63222392d3d6b383df09b_JaffaCakes118

Files

f576f66311f63222392d3d6b383df09b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ffcfd70ebe3eb0a031a1bc65c3005cef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\XesoTlYz\jkjr\VkntyE\rqhrx\qPlphe.pdb

Imports

user32

CloseDesktop
IsCharLowerW
InflateRect
SendMessageTimeoutW
GetMenuStringA
DrawCaption
DrawStateA
WindowFromPoint
GetCursorPos
IsWindowUnicode
CopyImage
LoadIconA
FindWindowA
DrawTextExW

gdi32

CreateBrushIndirect
CreateFontIndirectW
SetLayout
CreateDIBSection
StartDocW

comctl32

CreatePropertySheetPageW
ImageList_Remove
ImageList_Create
PropertySheetA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgExW
PrintDlgW

kernel32

SetEvent
GetCurrentProcess
UnmapViewOfFile
GetCurrentProcessId
GetTempPathA
EnumResourceLanguagesA
CloseHandle
lstrcatA
GetCommConfig

shlwapi

PathFindExtensionA

Exports

Exports

?AYV__XM_TkimHESNLu_kqR@@YGDPAKE@Z
?yp_uyadfixrqu@@YGXJK@Z
?PGRaefsl__tnTAP@@YGIPAM@Z
?HIDYIULAG__@@YGPAJJPAE@Z
?RhuosPZQ_I_ihoth@@YGXHE@Z
?rkRMS_TMntcevEYOFgr@@YGGFK@Z
?_bxrdbyvsFRFCWAC_WJNGF@@YGXPA_ND@Z
?DRXGjql_s_e_@@YGDDPAG@Z
?JYGFNKSMW_mG@@YGFPAE@Z
?e_ajfPTX_E_@@YGHMPAN@Z
?YK_RDO_hbqfKBjZtk_qt@@YGPAJGPAJ@Z
?X_DxevFEGbF_A_FF_TOQ_z@@YGHKE@Z
?UZsfsD_NVP_V_WOy_xy__@@YG_N_N@Z
?iT___bmyf_i@@YGPAKDPAI@Z
?D__O_MY_E_ZLWtw_@@YGPAXN@Z
?zdn__jP_ZYZQH_D@@YGPAXH@Z

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA1
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA2
Size: 77KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffcfd70ebe3eb0a031a1bc65c3005cef

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comctl32

comdlg32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 512B - Virtual size: 187B

.data Size: 3KB - Virtual size: 2KB

DATA1 Size: 33KB - Virtual size: 33KB

DATA2 Size: 77KB - Virtual size: 240KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 512B - Virtual size: 187B

.data
Size: 3KB - Virtual size: 2KB

DATA1
Size: 33KB - Virtual size: 33KB

DATA2
Size: 77KB - Virtual size: 240KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB