175b41948e9391c3ba593dd9f20aebf4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

175b41948e9391c3ba593dd9f20aebf4_JaffaCakes118
Size

166KB
MD5

175b41948e9391c3ba593dd9f20aebf4
SHA1

0e6dce9b2329a25a52805a99c99be6d34d4922f0
SHA256

8350132df64ada7e8afabbb0e759525e8b1d0846917bfc99a1e9c3a87a4210f8
SHA512

1789e46ffd2e2a3df5b8fb6e0bfe6e2f3b43857a47e32b63160dddf3f231078e4c252f44befde2c296bb5f33033914f27cad18ca12c231270da78eaad2e11de1
SSDEEP

3072:ooOwyGnViuSWe7dJi+Dm5txjVUPm8C0RNmTi5ru9Z88WFdLmw:1fyGn8uS9xJiHHYPqym25r+WFdLmw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
175b41948e9391c3ba593dd9f20aebf4_JaffaCakes118

Files

175b41948e9391c3ba593dd9f20aebf4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f3940f11e02340e82021269db38ecd58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\dwxiKDdN\pyQknrlalrwwma\xsoveLpgixwbzv\mIrfEhNfqkvfjk\WRveEbXmyENFCw.pdb

Imports

shlwapi

ord29
StrToIntExA

user32

RegisterWindowMessageW
DestroyCaret
IsWindowVisible
GetUpdateRect
GetScrollRange
EndPaint
SetRectEmpty
EnumWindows
CharUpperBuffA
CreateDialogParamW
RemoveMenu
GetMessageA
GetKeyboardType
UnionRect
SendMessageTimeoutW
GetKeyState
SetWindowPos
MapWindowPoints
DrawAnimatedRects
GetWindowLongA
LoadBitmapA
ShowCursor
keybd_event
SetWindowRgn
GetTopWindow
BeginDeferWindowPos
SetScrollRange
OpenIcon
GetMenuState
GetClientRect
SetCursor
DrawMenuBar
LoadImageA
IsCharAlphaNumericW
GetClassInfoExW
DialogBoxIndirectParamA
OemToCharA
DrawIconEx
RegisterClassA
IsWindowUnicode
MonitorFromPoint
SetMenuItemBitmaps
DestroyWindow
GetSysColor

kernel32

GetTempFileNameA
CreateDirectoryA
SetCurrentDirectoryW
GlobalGetAtomNameA
LoadLibraryA
FreeLibrary
AddAtomW
GetTickCount
GetModuleHandleA
ConnectNamedPipe
InitializeCriticalSection
LoadLibraryW
FindFirstChangeNotificationW
SetFileTime
GetComputerNameExW
GetThreadLocale
GetSystemDirectoryA
CancelWaitableTimer
LocalFree
GlobalUnlock
VerifyVersionInfoW
FindResourceExA
lstrcmpiA

msvcrt

mktime
putc
_controlfp
wcscat
iswspace
__set_app_type
strtol
iswalpha
__p__fmode
fgets
strchr
__p__commode
strstr
_amsg_exit
strspn
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
strncmp
swprintf
_exit
_cexit
__setusermatherr
__getmainargs
wcscspn

gdi32

CreateRoundRectRgn
CreateRectRgnIndirect
GetBkMode
CreateDIBSection
GetTextAlign
DPtoLP
GetPixel
RestoreDC
GetTextExtentPoint32A
LineDDA
Polyline
GetCharWidth32W
ExtTextOutA
StartDocW
SetROP2
CreatePenIndirect
StretchDIBits
GetTextMetricsW

Exports

Exports

?GetTimeEx@@YGIGDPA_NPAG~U
?DumpDigitalDataCBhJEB@@YGKGHE@Z
?CloseExpressionNew@@YGNE~U
?SetListExA@@YGHPAFM~U
?IncrementMemoryW@@YGNNJPAE~U

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tedat
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tidat
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.alloc
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3940f11e02340e82021269db38ecd58

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

kernel32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.init Size: 512B - Virtual size: 508B

.tedat Size: 512B - Virtual size: 454B

.tidat Size: 2KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 724B

.data Size: 2KB - Virtual size: 2KB

.alloc Size: - Virtual size: 128KB

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.init
Size: 512B - Virtual size: 508B

.tedat
Size: 512B - Virtual size: 454B

.tidat
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 724B

.data
Size: 2KB - Virtual size: 2KB

.alloc
Size: - Virtual size: 128KB

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 2KB - Virtual size: 1KB