fbde84ebd1065223ef99499ef40b68a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fbde84ebd1065223ef99499ef40b68a8_JaffaCakes118
Size

110KB
MD5

fbde84ebd1065223ef99499ef40b68a8
SHA1

ec54cc46503d2a7558bbbb780c1e9dec86a9db2c
SHA256

1119859cb4fa4296ba6e0fabf6c05656f5bc6a57631edc955497379485a94e58
SHA512

0e2087e7dd82cc76eb415e6fd8534722e0f364f74c9ac169b76078de8ff5d3ffcbefe85500b4748e90e8f7c1eebe1abd9f8bb70b6e231dd3a4440f4c57821c1c
SSDEEP

3072:SSxKjuCLZUDG39U45W1q8uJBDwC4j41Dp9Fq:zK1dUG391s1z6Dwjopj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbde84ebd1065223ef99499ef40b68a8_JaffaCakes118

Files

fbde84ebd1065223ef99499ef40b68a8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1a2e57ada96bc1d04ad0ea111f6eb452

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\dlavmv\udhPwpk\rajfh.pdb

Imports

shlwapi

StrCmpNW

gdi32

SetTextAlign
ExtFloodFill
SetBkColor
LineTo
ScaleViewportExtEx
SetViewportOrgEx
SetMapMode

kernel32

GetStartupInfoW
GlobalFlags
LoadLibraryW
lstrlenW
Sleep
GetStdHandle
GetProcAddress
lstrcmpiW
GetComputerNameA
GetSystemDefaultLangID
IsBadCodePtr
IsDBCSLeadByte

comdlg32

CommDlgExtendedError
ReplaceTextW
FindTextW

comctl32

CreateStatusWindowW
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_Create

user32

DispatchMessageW
ShowScrollBar
GetWindowLongW
CreateIconFromResource
DrawFocusRect
CopyRect
SetLastErrorEx
GetDlgItem
PostQuitMessage
GetWindowRect
UnionRect
IsCharUpperA
GetPropW
IsWindowVisible

Exports

Exports

?yhJsfwbLqeaXlnhfeMzQk@@YGPAGH@Z
?reYnbqfuXlgnmhldtkY@@YGEN@Z
?QhsjQxuv@@YGGD@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a2e57ada96bc1d04ad0ea111f6eb452

Headers

File Characteristics

PDB Paths

Imports

shlwapi

gdi32

kernel32

comdlg32

comctl32

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 167B

.temp Size: 75KB - Virtual size: 75KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 167B

.temp
Size: 75KB - Virtual size: 75KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB