0a028e907281c202241f06b9c56a566b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a028e907281c202241f06b9c56a566b_JaffaCakes118
Size

204KB
MD5

0a028e907281c202241f06b9c56a566b
SHA1

b11edc645461459140cca9be0d94741484d0dea2
SHA256

8aa677fadfdd430419f399f83010910d980b9127d15839a1632fafbdf349bfba
SHA512

7eb43dafbe07a6bdfa1869fbd2575f45c5a30764b18481853c54e5d4f8d9c37d675b64c08c0d05f28b823fd2e4e605ca1034a84da29c49646dbf745a02c04ae1
SSDEEP

3072:dbl42dScxqxm7z8h5d+ZERYr1kaK7VHOKKKYVRsJrBRZZcNBID+njduHAjVggJNZ:LN/k0LS79T3JrrcNqojd3/Ns2RAN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a028e907281c202241f06b9c56a566b_JaffaCakes118

Files

0a028e907281c202241f06b9c56a566b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f06fa234677cd1cbfa612a9b7432d246

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\niuxofZljrpdr\eRoWnsmNrgtpz\DqbCNehWRx\JtlfVyfkwdwe\yZUNigqCzmMvtq.pdb

Imports

advapi32

SetSecurityDescriptorOwner

version

VerInstallFileA

kernel32

RegisterWaitForSingleObject
GetAtomNameA
VirtualFree
GetCommTimeouts
CreateFileMappingA
DeleteFileA
HeapWalk
GetSystemTimeAdjustment
CopyFileW
GlobalFindAtomW
GetCommState
GlobalGetAtomNameA
GetExitCodeThread
FileTimeToSystemTime
SetCommState
GetLastError
GetShortPathNameW
GetSystemDefaultLangID

gdi32

SaveDC
GetTextExtentPointW
CreateCompatibleBitmap
SetTextColor
RemoveFontResourceW
LPtoDP
PolyBezier
ExtTextOutA
GetStockObject
CreateRectRgnIndirect
ScaleWindowExtEx
AddFontResourceW
SetViewportOrgEx
TextOutA
SetWindowOrgEx
GetBkMode

comdlg32

GetSaveFileNameA
PrintDlgExW
ReplaceTextW

user32

CharUpperBuffA
EndPaint
PostThreadMessageA
MonitorFromPoint
TranslateMessage
GetActiveWindow
DialogBoxParamW
GetMonitorInfoW
SetDlgItemTextA
LockWindowUpdate
InflateRect
DrawIcon
MapVirtualKeyA
GetDialogBaseUnits
RegisterWindowMessageA
ReplyMessage
TranslateAcceleratorA
GetNextDlgGroupItem
TabbedTextOutW
EnableMenuItem
OpenDesktopW
GetSysColorBrush
SendMessageTimeoutW
EndDialog
ChangeMenuW
SetForegroundWindow
AllowSetForegroundWindow
OpenClipboard
IsCharAlphaW
SetWindowPos
CharUpperA
ScreenToClient
SendDlgItemMessageW
GetMenuCheckMarkDimensions
TrackPopupMenu
GetAltTabInfoW
FrameRect
GetUpdateRgn

msvcrt

memcpy

Exports

Exports

?ValidateSDKldjhJLD@@YGKEPA_WG#Z

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_1
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat_2
Size: 1024B - Virtual size: 994B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdiag
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydiag
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mem
Size: - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f06fa234677cd1cbfa612a9b7432d246

Headers

File Characteristics

PDB Paths

Imports

advapi32

version

kernel32

gdi32

comdlg32

user32

msvcrt

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.idat Size: 512B - Virtual size: 340B

.dat_0 Size: 2KB - Virtual size: 1KB

.dat_1 Size: 512B - Virtual size: 99B

.dat_2 Size: 1024B - Virtual size: 994B

.xdiag Size: 512B - Virtual size: 28B

.ydiag Size: 512B - Virtual size: 98B

.data Size: 3KB - Virtual size: 2KB

.mem Size: - Virtual size: 82KB

.rsrc Size: 132KB - Virtual size: 132KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 66KB - Virtual size: 65KB

.idat
Size: 512B - Virtual size: 340B

.dat_0
Size: 2KB - Virtual size: 1KB

.dat_1
Size: 512B - Virtual size: 99B

.dat_2
Size: 1024B - Virtual size: 994B

.xdiag
Size: 512B - Virtual size: 28B

.ydiag
Size: 512B - Virtual size: 98B

.data
Size: 3KB - Virtual size: 2KB

.mem
Size: - Virtual size: 82KB

.rsrc
Size: 132KB - Virtual size: 132KB

.reloc
Size: 2KB - Virtual size: 1KB