048e508c9976128f39dc10abe0409624_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

048e508c9976128f39dc10abe0409624_JaffaCakes118
Size

203KB
MD5

048e508c9976128f39dc10abe0409624
SHA1

1767cbd62b93dce696eb7cc3ad24f07ac42a7fa5
SHA256

a2cd128797c9c3230c0a1efab8baf290f225086949e309662144586b44f5bd1a
SHA512

f843c641b5bc7a427ccc5e79d085faa489509feee2299b31413b8d5d4857a78e7df3fb9f770ee09114829b49816e86b4904a3352a1adadedd1b9a084193255f5
SSDEEP

3072:E+pVZX5/u6gZMPFwFvvQMsVkxpv5w08zLbNPgYdkxVPeYkXFidfZ7RX7THTfrA:V9u6VaFvvoVep8fbNP9Ol8YZ7RXHg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
048e508c9976128f39dc10abe0409624_JaffaCakes118

Files

048e508c9976128f39dc10abe0409624_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b674d92bbbc0f43658e577eb4a911692

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\pAvRdknl\yqavntsEucni\Icswxmahldko\zAXxinyBkOtzlL\ocSwunAngoY.pdb

Imports

user32

GetDC
MapDialogRect
ScrollWindowEx
mouse_event
GetDlgItemTextW
VkKeyScanW
SetPropW
GetWindowTextW
RegisterHotKey
GetTopWindow
SetWindowPos
ShowWindowAsync
LoadMenuA
PostMessageW
CharUpperW
IsCharAlphaA
wsprintfW

shlwapi

UrlGetLocationA
UrlIsOpaqueW

kernel32

lstrcpyW
SetThreadAffinityMask
GetTempPathW
lstrcpynA
SetCommBreak
VirtualProtect
SuspendThread
lstrcmpiW
GetModuleFileNameA

msvcrt

_controlfp
iswctype
__set_app_type
__p__fmode
__p__commode
_amsg_exit
memset
gets
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
localtime
__getmainargs

gdi32

SetBitmapBits
GetTextExtentPoint32A
BitBlt
SetDIBitsToDevice
AddFontResourceW
GetTextFaceW

Exports

Exports

?TravelCheck@@YGK:O

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eplan
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 512B - Virtual size: 299B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b674d92bbbc0f43658e577eb4a911692

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

kernel32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 24KB

.rdbg Size: 512B - Virtual size: 121B

.iplan Size: 1KB - Virtual size: 1KB

.eplan Size: 512B - Virtual size: 84B

.run Size: 512B - Virtual size: 299B

.0dat Size: 171KB - Virtual size: 171KB

.data Size: 2KB - Virtual size: 1KB

.ram Size: - Virtual size: 187KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 25KB - Virtual size: 24KB

.rdbg
Size: 512B - Virtual size: 121B

.iplan
Size: 1KB - Virtual size: 1KB

.eplan
Size: 512B - Virtual size: 84B

.run
Size: 512B - Virtual size: 299B

.0dat
Size: 171KB - Virtual size: 171KB

.data
Size: 2KB - Virtual size: 1KB

.ram
Size: - Virtual size: 187KB

.rsrc
Size: 512B - Virtual size: 16B