e8f0416b778d06891244c8f83396cd4a_JaffaCakes118

General

Target

e8f0416b778d06891244c8f83396cd4a_JaffaCakes118
Size

96KB
MD5

e8f0416b778d06891244c8f83396cd4a
SHA1

1bfec7dc407c53f8ecfcad0ac7d3bbd0beeb01af
SHA256

83e58610baa3d989bb840d65969357cc44a656ae018556232bf4b40c699b6d22
SHA512

9d42faeeb8effe609cae704301e12a8d92dc27717fdac11365b188390a4f60f67b0a85247b68de3035ee25033b158e98841fc95d87ceeb0f507c18b1f413f27a
SSDEEP

1536:tU/VB742AzOsIDR2wlZlv6j0HNDKtcD7va6T4LHhjncVH5O6KoB:wr1+OhDR2EZlvQWna6T4rRcLO6KoB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8f0416b778d06891244c8f83396cd4a_JaffaCakes118

Files

e8f0416b778d06891244c8f83396cd4a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a4399a8aede178a8aa73325795795479

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\Eoqv\zseIZf\rRpxlz.pdb

Imports

gdi32

GetNearestColor
CreateHatchBrush
PtVisible
PatBlt
FillRgn
StartPage
GetLayout
GetStockObject
GetClipBox

user32

ShowOwnedPopups
CharLowerW
GetUpdateRgn
CharNextW
CharLowerBuffW
DrawStateW
GetWindowTextA
LoadImageA
CreateCaret
CreateWindowExW
EnableMenuItem
FindWindowA
SetCaretPos

kernel32

GetFullPathNameW
GetProcAddress
GetFileAttributesA
lstrcmpiW
GetExitCodeThread
IsDBCSLeadByte
GetStringTypeA
GetModuleHandleW
CreateMutexA
CompareFileTime
SetPriorityClass
VirtualAlloc

Exports

Exports

?htCnReuwFDwr@@YGJDM@Z
?krwpXIjmfDqceqgqon@@YGME_N@Z
?kosaZoRwlEGmJhhUMH@@YGGMPAF@Z
?qfZJaqvFAaxx@@YGPADEG@Z
?NYuwhyzadzhndiegeri@@YGPAXPAMD@Z

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 827B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4399a8aede178a8aa73325795795479

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 827B

.data Size: 3KB - Virtual size: 19KB

.crt Size: 10KB - Virtual size: 10KB

.rsrc Size: 65KB - Virtual size: 65KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 827B

.data
Size: 3KB - Virtual size: 19KB

.crt
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 65KB - Virtual size: 65KB

.reloc
Size: 2KB - Virtual size: 1KB