f5ca4bd629b4b42c49dbf92e0ee21f1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5ca4bd629b4b42c49dbf92e0ee21f1a_JaffaCakes118
Size

180KB
MD5

f5ca4bd629b4b42c49dbf92e0ee21f1a
SHA1

8602f9f2fdbe206d808f1798be7e342e0ada6330
SHA256

e567271315c68be07b68a98d14742c065600c57272c4e190e467fd16cb9be54e
SHA512

d76fb0b3b949693792306e0ad952fa6b90893fd44ef8e184a16a65fd3fe72170f0f76570662e7c199a6b78b6145ce9bc6a2de68096d33093e9296182d1cb5b66
SSDEEP

1536:2jMEcqCCMttokIOBMoOr5ZLnLkbZ5Saeynpc22ELIwpb2gq0:6TMDI4Mokn2Z5Cyn+xwlq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5ca4bd629b4b42c49dbf92e0ee21f1a_JaffaCakes118

Files

f5ca4bd629b4b42c49dbf92e0ee21f1a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4814502ca6e2160d367eb4ddab0b83c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\syyyebI\lJre\eccyx.pdb

Imports

shlwapi

UrlUnescapeA
StrCmpNA
PathMakePrettyW

comdlg32

FindTextW
ChooseFontW
GetSaveFileNameW
PrintDlgW

kernel32

lstrcatA
GetUserDefaultLangID
GetSystemWindowsDirectoryA
GetFileAttributesExW
VirtualAlloc
FindFirstFileW
CreateEventW
GetSystemWindowsDirectoryW
CancelWaitableTimer
GetAtomNameW
DefineDosDeviceW
GetSystemTimeAdjustment
lstrcmpiW
SetNamedPipeHandleState
VerifyVersionInfoW
FindResourceExW

gdi32

CreateDCW
LPtoDP
SetMapMode
EndPath
RealizePalette
CreatePolygonRgn
ScaleViewportExtEx
ResizePalette
SaveDC
TextOutA
GetROP2
GetViewportOrgEx
ExcludeClipRect

user32

GetWindowRect
IsCharUpperA
PostQuitMessage
SetCursor
DefDlgProcW
GetMenuCheckMarkDimensions
DialogBoxParamA
CharPrevW
LoadCursorA
GetWindowLongA
GetMessageTime
GetMenuState
DeferWindowPos
GetSysColor
SetActiveWindow
DestroyIcon
DeleteMenu
SetWindowRgn
SetDlgItemTextA
CreatePopupMenu
CreateWindowExW
ShowCursor
RegisterClassExA
GetWindowTextW
DefFrameProcA
SetCursorPos
SetMenuItemBitmaps
LoadIconA

Exports

Exports

?qidy_R_KEGyu_@@YGHM@Z
?upfggebvXDPNA___VO@@YGPAXPAGPAG@Z
?_TSBIEEDZUK@@YGFGE@Z
?rzjlCEGXKl@@YGPADPAKE@Z
?unlCzfqZpaKQM_O_HI___@@YGPAJMD@Z
?N_X_E__Ca_mxrdK_@@YGPAHPAK@Z
?__HOFST@@YGPAEE@Z
?TDXMKGFNr_jH@@YGXE@Z
?kb_SHV_ZKeMZ@@YGPAXF@Z
?YBXLUJ_Q_AAcH_R@@YGPANFPA_N@Z
?__ZZASG_TAXW_SZSuedg@@YGIPAFK@Z
?fgojktoFAOE_WNfo__xSKA@@YGPAHI@Z
?_CAFIPA_LSYCA_JW_Hhow@@YGMF@Z
?_uzIHNDUIC_NV_B@@YGFPAH@Z
?v__lpuujtpZ_YpEN@@YGPANE@Z

Sections

.text
Size: 64KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4814502ca6e2160d367eb4ddab0b83c0

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comdlg32

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 304KB

.data Size: 2KB - Virtual size: 2KB

.xdata Size: 57KB - Virtual size: 57KB

.rdata Size: 47KB - Virtual size: 46KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 64KB - Virtual size: 304KB

.data
Size: 2KB - Virtual size: 2KB

.xdata
Size: 57KB - Virtual size: 57KB

.rdata
Size: 47KB - Virtual size: 46KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB