ec4fe3323fff12698f1608ae2f7a65f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec4fe3323fff12698f1608ae2f7a65f3_JaffaCakes118
Size

145KB
MD5

ec4fe3323fff12698f1608ae2f7a65f3
SHA1

5cda1a6bf51327fe98b845e32e96b008694e1435
SHA256

9f6f9d307418522811f1bd9bd18dd942953ad4de43f4dd8542d9e9350435b50f
SHA512

492c9d1b2cc00d75cf765a40c51f3257e5d8c2ac0a2772c9d219439f48f5814511e1978fc9ec02b5c7a641565734d6db21927a62a8694a47bfdc4a1918b73689
SSDEEP

3072:OE6pAOCdSdVzaZI4Te6Qp9P5uFi5CVdjM/F:OE6vPBaBfQp9P5vYo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec4fe3323fff12698f1608ae2f7a65f3_JaffaCakes118

Files

ec4fe3323fff12698f1608ae2f7a65f3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8f9ffc9a96526e15fb04c7898c52511d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\Mevrr\dIaRdv\CGFzbx\ypjebfkx.pdb

Imports

kernel32

LCMapStringA
RemoveDirectoryW
VerifyVersionInfoW
CreateFileA
LocalSize
lstrcatA
FindClose
DuplicateHandle
lstrlenA
UnlockFile
GetStartupInfoW
WriteFile
IsValidLocale
GetModuleHandleA

gdi32

CreateBrushIndirect
EnumFontsW
ResizePalette
RoundRect
SetStretchBltMode
CreatePenIndirect
GetSystemPaletteEntries

user32

DrawEdge
DestroyMenu
GetActiveWindow
wsprintfA
InsertMenuA
GetDlgItemTextA
ReleaseDC
MapVirtualKeyExW
GetDCEx
GetMenuCheckMarkDimensions
GetCaretBlinkTime
GetUpdateRect
SetDlgItemInt
IsCharAlphaNumericW

Exports

Exports

?FLfaqnmfaUWtibmacuj@@YGKHF@Z
?TvyccIUg@@YGPA_NPAG@Z
?mAFiwoathHjvvtftMY@@YGMKM@Z
?txbVzeUQtncFqmBvdTK@@YGDEPAD@Z
?OgAkYkdzr@@YGXFPAH@Z
?ijkfglnoqqgURclpx@@YGXG@Z
?ltFkgkPpffip@@YGXPAK@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ