ec39d6726409d8e31b4f84fa2742a6bf_JaffaCakes118

General

Target

ec39d6726409d8e31b4f84fa2742a6bf_JaffaCakes118
Size

168KB
MD5

ec39d6726409d8e31b4f84fa2742a6bf
SHA1

cafc62a5e20783541f953b2a5c003ce5e15b230d
SHA256

0790916a7bb62a22f1a9ae516c13c9b2af749d747c58367e0d40a6387051fe6a
SHA512

8e21551cd1707f6e62491cc411bfbbb9b2dbd1bb225d0efc65538b823520656fdb1901c0d26b95537d70c2e7c36952015a34439495e1d54bd754c44176f4b428
SSDEEP

3072:nhr9hDytxvIdqiCG+xHkoRXjypu8Yv9fVTNxEtPvcx1pukfxqE:nx9hDyDvIddZ+xHRRz2uj1xjEtPvs18

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec39d6726409d8e31b4f84fa2742a6bf_JaffaCakes118

Files

ec39d6726409d8e31b4f84fa2742a6bf_JaffaCakes118
.dll windows:5 windows x86 arch:x86

708aa074b537e5e8cc5c5935b6b87459

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

I:\jcuj\oIleew\qfut\knwYm.pdb

Imports

gdi32

GetStockObject
GetTextExtentPoint32W
CreatePolygonRgn
GetBitmapBits
SetWindowOrgEx
CreatePenIndirect
GetCurrentObject
DeleteDC
RealizePalette

user32

GetMessageW
FindWindowA
CharNextW
OffsetRect
GetScrollPos
GetUserObjectInformationA
OemToCharA
IsChild
LoadMenuA
DrawFrameControl
GetDlgCtrlID
HiliteMenuItem

kernel32

GetShortPathNameA
IsBadReadPtr
GetModuleHandleW
RaiseException
CreateSemaphoreW
TransactNamedPipe
lstrcmpiW
GetProcAddress
GlobalFindAtomW
SetHandleInformation
GetFileAttributesExA
SearchPathA
GetTempPathW
DeviceIoControl

Exports

Exports

?HpOoXvd@@YGPAMPAG@Z
?dMbOuwZyLxQCqne@@YGKPA_N@Z
?lnrdbtmghBIhUGg@@YGIE@Z
?rpcXgpRsTGmKDJsyiV@@YGPAD_N@Z
?uPfvYthvAxLfdtdYWu@@YGPAMPAI@Z
?ilqPbZeDstvdwl@@YGXEN@Z
?BMuMyxuadsQnjXXCFPgdG@@YGPAGPAF@Z

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 827B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

708aa074b537e5e8cc5c5935b6b87459

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 1024B - Virtual size: 827B

.data Size: 3KB - Virtual size: 91KB

.crt Size: 10KB - Virtual size: 10KB

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1024B - Virtual size: 827B

.data
Size: 3KB - Virtual size: 91KB

.crt
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 2KB - Virtual size: 2KB