11ad0a3c883ddfd01932b3f5862a4ecf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11ad0a3c883ddfd01932b3f5862a4ecf_JaffaCakes118
Size

208KB
MD5

11ad0a3c883ddfd01932b3f5862a4ecf
SHA1

0b544531b74d5ce35c5451e93676ca4f482d7bd9
SHA256

80ffa49093b27c40aba361242e37f603ff82347f402588b03f23862564463ae3
SHA512

34aa2d2f77cc746fe0feffadd7fe280f592132e5977639af2af34a0eb51e7f3219d36d04f03a854d80902f1a51da756425780f2851784d62ab538f2b8868ea39
SSDEEP

6144:kZ8v3gV4jTp8Sj9PZmxBLmVYJjUG23fIoAK:kq3gVeSu9PZIs3fIoAK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11ad0a3c883ddfd01932b3f5862a4ecf_JaffaCakes118

Files

11ad0a3c883ddfd01932b3f5862a4ecf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ddbbd4f5c17ad3370ba385e0ae3f6578

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\vHvixWjvleuthu\XvZjXXfwwwGum\golqhdnbbvgtf\bMGKapKxrvvmR.pdb

Imports

comctl32

CreatePropertySheetPageA
ImageList_LoadImageW
DestroyPropertySheetPage
ImageList_AddMasked

user32

PostThreadMessageW
SendInput
CreateIconFromResource
MessageBoxA
DestroyAcceleratorTable
DefWindowProcA
CharToOemW
DestroyIcon
GetMessagePos
LockWindowUpdate
ScrollWindowEx
MessageBoxW
GetMenuItemCount
mouse_event
GetAltTabInfoW
IsMenu
keybd_event
HiliteMenuItem
AppendMenuA
SendMessageTimeoutW
GetWindowTextW
OpenIcon
CheckMenuItem
CreateCursor
UnionRect
LoadImageA
IsRectEmpty
DrawStateW
GetMessageW
TranslateAcceleratorA
MapVirtualKeyA
IsWindowVisible
InsertMenuW
CharToOemBuffA
KillTimer
TranslateMessage
ShowWindowAsync
GetDialogBaseUnits

version

VerQueryValueA

gdi32

GetObjectA
UnrealizeObject
ExcludeClipRect
DeleteObject
GetBitmapBits
PtInRegion
SetDIBits
CreateRoundRectRgn
DeleteDC
CreatePalette
GetDIBColorTable
GetLayout
SetRectRgn
IntersectClipRect
CreateFontIndirectA
CreateDCW

kernel32

SetSystemTimeAdjustment
SetLocalTime
TryEnterCriticalSection
WaitCommEvent
LoadLibraryA
GetTempPathW
GetCommProperties
GlobalFindAtomW
HeapCreate
GetUserDefaultLangID
FindNextFileW
ReleaseSemaphore
CopyFileA
MoveFileA
GetBinaryTypeA
GetCommandLineW
lstrlenW
SetFileApisToOEM

msvcrt

memcpy

Exports

Exports

AlphaBlend
GradientFill
TransparentBlt
?SjsjjshuyYShs@@YGKEPA_WG@Z

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.debug
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bld_1
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bld_2
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bld_3
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddbbd4f5c17ad3370ba385e0ae3f6578

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

version

gdi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 56KB

.debug Size: 512B - Virtual size: 116B

.bld_1 Size: 512B - Virtual size: 320B

.bld_2 Size: 512B - Virtual size: 320B

.bld_3 Size: 512B - Virtual size: 368B

.data Size: 1KB - Virtual size: 84KB

.rdata Size: 13KB - Virtual size: 12KB

.rsrc Size: 132KB - Virtual size: 131KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 56KB

.debug
Size: 512B - Virtual size: 116B

.bld_1
Size: 512B - Virtual size: 320B

.bld_2
Size: 512B - Virtual size: 320B

.bld_3
Size: 512B - Virtual size: 368B

.data
Size: 1KB - Virtual size: 84KB

.rdata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 132KB - Virtual size: 131KB

.reloc
Size: 2KB - Virtual size: 1KB