fd173f356927fe48bf833aaafc83feaf_JaffaCakes118

General

Target

fd173f356927fe48bf833aaafc83feaf_JaffaCakes118
Size

56KB
MD5

fd173f356927fe48bf833aaafc83feaf
SHA1

677d58197b502ae18db8ca1a9c9d765e352c5a29
SHA256

cde8858def15339fe227f0faacfe16058bc478083aee3ab1e1348c57352461b9
SHA512

badda3351e31ee4177c72dc68633fbe08dfe34504cc564674ae1c09ed87f4eebf2f894998b04c3f47b659c52f23ea622ea192b01a3a398915215001331b6d9d8
SSDEEP

768:wgRXOx3U6jmI0T5Q4PNHTlvQ2dviz8P5hUbYAM9KhbsGxT1n1r2CueIlY0FngAyY:wmak6jhkTAjbPBuewY0pg1mZWZZ27

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
fd173f356927fe48bf833aaafc83feaf_JaffaCakes118

Files

fd173f356927fe48bf833aaafc83feaf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

43108c3546e8cf068ca55c90a03f2cab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\pUdj\wdPape\rczgdrbl.pdb

Imports

shlwapi

PathGetArgsA

user32

SetForegroundWindow
FrameRect
InSendMessageEx
ClipCursor
CheckRadioButton
wsprintfA
GetCaretPos
GetSystemMenu
GetWindowRect
GetWindowDC
CharPrevA
GetForegroundWindow

kernel32

LCMapStringW
CreateDirectoryA
GlobalUnlock
SetCurrentDirectoryW
lstrlenW
lstrcmpiA
WaitForDebugEvent
FindNextFileA
InterlockedExchange
CreateNamedPipeA
LocalReAlloc
LCMapStringA
GetDateFormatA
FindResourceExA

gdi32

SetViewportOrgEx
MoveToEx
AddFontResourceW
RealizePalette
CreateFontA
RectVisible
PatBlt
GetTextFaceW
Rectangle

Exports

Exports

?vcbgqtgq@@YGXH@Z
?WVgNzkgmwusysq@@YGNEE@Z
?uplfpnltycxxrszfzhjkF@@YGPAEPAEH@Z
?vtmqZhhOXtn@@YGHHPAJ@Z
?ofbjfZiJycMV@@YG_NF@Z
?pzauUljGha@@YGPAXPAN@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43108c3546e8cf068ca55c90a03f2cab

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.itext Size: 1KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 195KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.itext
Size: 1KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 195KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 2KB - Virtual size: 1KB