2c8ae0a0991b8d42e35a314e2c0ad5dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c8ae0a0991b8d42e35a314e2c0ad5dd_JaffaCakes118
Size

227KB
MD5

2c8ae0a0991b8d42e35a314e2c0ad5dd
SHA1

16a409b64675d916c68b5fd8cd18b5683a7a439c
SHA256

7ac16ee934a5c8172acde82802e698775310252061312bd7f25852e3d06138e0
SHA512

c58235723d4b41ee07982acfe3fef482e002b83d542e05e2d3c9b95b9575dafee6d3bf63c846bf68e1018b514c866cd30d0532c189d1d6ec7396afd26bbf79fb
SSDEEP

6144:ZXlvZSreoBbimdJaE81q1MMfGZBGnYgY:vh1mK1oMMfGZkYgY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8ae0a0991b8d42e35a314e2c0ad5dd_JaffaCakes118

Files

2c8ae0a0991b8d42e35a314e2c0ad5dd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7cbdfb4b3a74a4907995e684fa203194

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Pfnzuwf\hVlnau\gqqr\jXhk\twDYJSKr.pdb

Imports

shlwapi

PathIsPrefixA
PathFindFileNameA

user32

TabbedTextOutW
GetKeyboardLayoutNameW
CheckRadioButton
RegisterWindowMessageA
IsCharAlphaNumericA
CharUpperBuffW
GetNextDlgGroupItem
FillRect
IsWindowUnicode
EnumThreadWindows
SendMessageTimeoutA
EnableWindow
CharUpperA
SendDlgItemMessageW

gdi32

Polygon
GetObjectA
EnumFontFamiliesW
SetWindowOrgEx
GetFontData
CreateICW

comctl32

ImageList_Remove
ImageList_Draw
ImageList_GetImageCount

kernel32

lstrlenW
GetLocalTime
GetTickCount
GetCurrentProcess
GlobalDeleteAtom
lstrcatW
GetStartupInfoW
ExitProcess
OpenEventA
VirtualFree

Exports

Exports

?tzzXZTL@@YGF_N@Z
?eovv_mllgjHKMACR_HU@@YGI_NPAG@Z
?GFW_GEzKBd@@YGDI@Z
?crn_gNUBLWNSF_@@YGJM@Z
?sg_dpoeu_e_wAExbss@@YGPAHMJ@Z
?_bq_z_zg_wsXZ@@YGPAIJ@Z
?efuvsVbNNKIHX@@YGEEG@Z
?HKDUC_Zaa__CLF_QgB_OB@@YGPAXFI@Z
?MA_OLUgf_uydmGKzl___j@@YGIGF@Z
?ESPT_S_J_Wh__e_e_iIN@@YGXPAK@Z
?Q__ZQEkqw@@YGKPAGH@Z
?gw_ceu_WpywR_YZMPU@@YGKPA_NF@Z
?XlsGAKL__js_@@YGXIN@Z
?Gpyxiypr_klno_xyjf@@YGXPAN@Z
?nvlA_yjplkWGJbLuy_FPH@@YGJH@Z
?vuTO_DW_pZZ@@YGJE@Z
?UGQUD_M_f@@YGGDPAJ@Z

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dinfo
Size: 66KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7cbdfb4b3a74a4907995e684fa203194

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

gdi32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 86KB

.dinfo Size: 66KB - Virtual size: 229KB

.data Size: 67KB - Virtual size: 66KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 87KB - Virtual size: 86KB

.dinfo
Size: 66KB - Virtual size: 229KB

.data
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB