56e7175fdb315b23eb2f83798a6b671e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

56e7175fdb315b23eb2f83798a6b671e_JaffaCakes118
Size

167KB
MD5

56e7175fdb315b23eb2f83798a6b671e
SHA1

e27c385f2c1a7e28e3b412349c9916d90bb5a84a
SHA256

b5dcfb7d3cc9da1dd16eb433cbf0fe67c1593fd1c911b647f3dc6555e06bd0e9
SHA512

46afae0e50c207fd2e094011a0d5034e9a1bf8e0fa86c5f2ee88b3fdb087fb737ca908722958f4e16e9d1d52af8dc4106d8c1123f6d86c5ec3357a6a5b903f5e
SSDEEP

3072:5Zo8G4tsoOSFxW6Oh7zdq+PV+F+MKciWCPepKFeli/tsTrT1KOnV6QI7:7lJRFxMxRP+KciWU9YatygOVzi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56e7175fdb315b23eb2f83798a6b671e_JaffaCakes118

Files

56e7175fdb315b23eb2f83798a6b671e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

26f3b6e5350fdc78156ea90fc53dec35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\batuwyaCmTtxjv\WtHnbTriuRTmTpb\CSBiRHfUqvEILGfJ\nTRagkBHsAkrbcLhLz\mchfwiMgyyzhkamr\XkeedNqPuyxaxDrM\wHmcxzMgfdqann\ABxuxElghUmMkpOyT.pdb

Imports

shlwapi

StrToIntA
ChrCmpIA
StrFormatByteSizeA
PathSearchAndQualifyA

user32

SendDlgItemMessageA
GetUserObjectInformationA
SetWindowTextW
GetClientRect
CharPrevW
SendMessageTimeoutA
SetMenuDefaultItem
PostMessageW
ScreenToClient
LoadMenuW
CopyRect
PostMessageA
GetMenuItemID
InvalidateRgn
GetSubMenu
CreateWindowExA
MonitorFromRect
CopyAcceleratorTableW
wsprintfA
DrawMenuBar
WaitForInputIdle
LoadBitmapW
RegisterWindowMessageA
EnableMenuItem
BeginPaint
CheckDlgButton
WaitMessage
CreateDialogParamW
GetSystemMenu

comctl32

ImageList_LoadImageW
CreatePropertySheetPageW
PropertySheetW
ImageList_GetIconSize
ImageList_GetImageCount

kernel32

GetProcessHeap
GetAtomNameA
lstrcmpW
GetSystemDefaultLangID
HeapAlloc
FormatMessageW
lstrcmpiW
MoveFileExW
GetExitCodeThread
SetEvent
IsDBCSLeadByteEx
GetFullPathNameW
lstrlenW
ConnectNamedPipe
SetThreadExecutionState
HeapSize
GetCommTimeouts
FreeLibrary

gdi32

GetObjectA
GetTextExtentPoint32W
SetViewportExtEx
SetRectRgn
CreatePalette
PtVisible
RemoveFontResourceW
GetBkMode
GetDeviceCaps
MoveToEx
CreatePolygonRgn
Ellipse
CreateRectRgnIndirect

Exports

Exports

?bop_acw___as_ibyLm@@YGPAHPAD@Z
?Kjo_bfy@@YGPAKMPA_N@Z
?ZB_OPVC_IXz@@YGGN@Z
?z__enzeogd__@@YGJD@Z
?GBYCH_L_BKDN_T@@YGGK@Z
?__b___h_a_IH_JHPVEJ@@YGHG@Z
?_kxx_ROnbN_@@YGPAHH@Z
?_V_JXH_RPBews_lrge@@YGXF@Z
?m__rvf_ndCB_D_IF_lldn@@YGFK@Z
?HtC_KKdn@@YGEJ@Z
?hfc_iobx_zvu_@@YGKD@Z
?S_W_B_APYAW_Um@@YGPAXPAM@Z
?fgcqq_wnd@@YGPAII@Z
?___iwhtsp@@YGJPAG@Z
?VESHGKM_RYG@@YGFPAH@Z
?xwu_v_x_PBK_Oya_etzux@@YGPAM_NPAI@Z
?_M_H_UKT@@YGDPAED@Z
?OKezydto__TXS@@YGXPAHD@Z
?NSu_hd_kCA_D@@YGPAFJ@Z
?kxn__oBG_G@@YGIPAEPAN@Z
?_xy_mnnKSQ@@YGPAJJM@Z
?cvXBTBJM__@@YGXMPAN@Z
?KuzM_QNGyuXN@@YGEG@Z
?dwbw___TKSFI@@YGPAXPAD@Z
?_WECUHCE_mqdi_ibx_@@YGHPAEG@Z
?uomzy_KED_@@YGHDK@Z
?v_wXQxcuh@@YGDEPAJ@Z
?JDyhckwSFArc@@YGHJ@Z
?_S_OMBNyvcqij_lg@@YGPAJK@Z
?P_UJIU_ufVCD_K__Ig_tT@@YGINPA_N@Z
?ig_WPJNSD_O_oohjF_X_Z@@YGHF@Z
?ZNWtjjHF@@YGEHPAF@Z
?pwhulTUJDE__E_ZE_G@@YGPAGKPAE@Z
?fekgM_WPbsdezhLNKan@@YGHPADPAE@Z
?URP_cl_law__IZR_MWWmq@@YGMI@Z
?hq_ddjyl_ho_Y_Dkxhx_i@@YGED@Z
?_NwyfU_RBxC@@YGKFM@Z
?XWGS__M@@YGHFPAD@Z
?mle_fjF_PSXG@@YGX_NPAI@Z
?vyvlaWHE_XPw_grV_U_Ew@@YGFMK@Z
?qifoxam_w_TB_FSDzg@@YGKK@Z
?c_wA_WjAEG@@YGPAXPAGG@Z
?csdrefkHOSl_@@YGPAXJPAM@Z
?a__indpSDZZu@@YGPAJD@Z
?HH_DG_KWM_IG@@YGIEN@Z
?hnflt_zlgIEB_@@YGDD@Z
?KO__Xktgzla@@YGPAGHN@Z
?AFZ_KY_yi@@YG_NKH@Z
?w_eTK_S__R_@@YGPAXG@Z
?tkdYX_c_gun_B__ZHNwuC@@YGGPAD@Z
?JQFSV_NSBVIHv_YY_PJLFL@@YGMIPAI@Z
?_YK_Wp_P_Hlgeoqa_mf_if@@YGKN@Z
?_mmwwocanhmtyrmgp@@YGPAGJH@Z
?_RFJOJ___ASptkgwuufRL@@YGJPAFG@Z
?__qjihvxUI@@YGPAXPAK@Z
?WZs_BMXDWSJEZV_v_s_d_@@YGJF@Z
?Lj_mon_o_dbhUC_HHMJ@@YGXGM@Z
?oe_eM_ZHDNlx_squ_ZYYN@@YGHPAEI@Z

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26f3b6e5350fdc78156ea90fc53dec35

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

comctl32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 108KB

.idata Size: 10KB - Virtual size: 10KB

.data Size: 41KB - Virtual size: 392KB

.rdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 108KB - Virtual size: 108KB

.idata
Size: 10KB - Virtual size: 10KB

.data
Size: 41KB - Virtual size: 392KB

.rdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB