eae7833ea09ca31291f91d6551cb7cc4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eae7833ea09ca31291f91d6551cb7cc4_JaffaCakes118
Size

99KB
MD5

eae7833ea09ca31291f91d6551cb7cc4
SHA1

3ffaf82ee371c87d631cdc380ead2d384867aed3
SHA256

62ac2369f95a287ed721f74c2cbddd568f2153562c56b561a90e3af08272cdca
SHA512

3ce436f27275e43584bccf7aca94c6048ff625ea79d3edfb4fc98e87b75eb271565b28bd7dd5b5f69cbadfe8c8223e78a6210cf61ee7653f19fc0d4dfec4d66e
SSDEEP

1536:AZOh5kEvDL7gI/L4lfrtw3M1klduDgWiwj0JQQIqeLEUQDJo6sHjxaaX:bhv7nT49Jea1MR1JQpqvUGJ/oNaa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eae7833ea09ca31291f91d6551cb7cc4_JaffaCakes118

Files

eae7833ea09ca31291f91d6551cb7cc4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45e2b0321709890227cdcadc2d62ca20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\Ukfkrwq\tUvmHi\ezyc\AMlj.pdb

Imports

shlwapi

ChrCmpIW
StrIsIntlEqualW
StrToIntExA

user32

SetDlgItemTextW
IsWindow
OpenIcon
DispatchMessageA
AppendMenuA
FillRect
AdjustWindowRect
CharNextW
ScrollWindowEx
GetScrollInfo
GetWindowPlacement
CascadeWindows
GetKeyboardLayout
GetClassLongA
GetPropW
LoadMenuW
SetMenuItemInfoW
GetDoubleClickTime
ExitWindowsEx
TranslateMessage
keybd_event
BeginPaint
RemoveMenu
GetWindowTextW
GetUserObjectInformationW
SetMenuItemBitmaps
AttachThreadInput
LoadBitmapW
CharUpperBuffW
LoadCursorW
ShowWindow
wvsprintfW
GetMenuItemID

comctl32

ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_Destroy
ImageList_Read

gdi32

CreateFontIndirectA
UnrealizeObject
StretchBlt
ScaleViewportExtEx
CreateDIBSection
GetClipBox
RoundRect
WidenPath
Polygon
CreateSolidBrush
IntersectClipRect
CreateDCW
SelectObject
FillRgn

kernel32

GetFileAttributesExA
LoadLibraryExA
GetTimeFormatA
GetHandleInformation
ReleaseSemaphore
GetCurrentProcessId
lstrlenA
SetThreadLocale
SetThreadAffinityMask
CreateMutexA
GetFileInformationByHandle
HeapReAlloc
LCMapStringW
LoadResource
SetCommState
SearchPathA
ExitProcess
lstrlenW
GetCurrentThread
GetSystemTimeAdjustment

Exports

Exports

?LoadKeyboardLayoutA@@YGXK_WH@Z

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45e2b0321709890227cdcadc2d62ca20

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

comctl32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 44KB

.data Size: 13KB - Virtual size: 100KB

.pdata Size: 38KB - Virtual size: 37KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 44KB

.data
Size: 13KB - Virtual size: 100KB

.pdata
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB