fef77503274980e3a7bd528b26cc979e_JaffaCakes118

General

Target

fef77503274980e3a7bd528b26cc979e_JaffaCakes118
Size

52KB
MD5

fef77503274980e3a7bd528b26cc979e
SHA1

42d70da3bbe9d3106ce136de7e10363d89034f67
SHA256

144506e71c3ce59ad2792778776a49d8baf9694b95ac85a534ebf7c1f73c181b
SHA512

775e72d6d655c2591feeb6612dfaf8b7c59584d9e9648f01c92ca3f4725ed750356528167ca8e4057318edf0989e7330892b894b1d39c46c0740927a0c4c8632
SSDEEP

768:YtNK7prj0rh6UVOFMCw8m+XwzXs5D6B6z/ivNgPhIjY11nquIOSAohutdWK5ObH9:b7p/0rLVnCFm+Ec5U6GSfnHzSXYz15s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fef77503274980e3a7bd528b26cc979e_JaffaCakes118

Files

fef77503274980e3a7bd528b26cc979e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a26a1412ce9bc5b92710946f7c97ea9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\wgpwiP\aJfl\noreUhhj\ghhlJplA.pdb

Imports

comctl32

PropertySheetA
ImageList_GetIcon

user32

ShowCaret
DrawIcon
GetDlgCtrlID
CascadeChildWindows
GetKeyboardLayout
IsDialogMessageW
LoadCursorW
OemKeyScan
ScrollWindowEx
IsCharAlphaNumericW
MapVirtualKeyA
SetDlgItemTextW

comdlg32

GetSaveFileNameA
ReplaceTextW
CommDlgExtendedError
GetOpenFileNameA

gdi32

GetPixel
Rectangle
SetWindowOrgEx
UnrealizeObject
IntersectClipRect
GetClipBox
CreateCompatibleDC
FillRgn

kernel32

FindFirstFileW
FindNextFileW
GetOEMCP
FindResourceA
lstrcpynA
GlobalGetAtomNameW
SearchPathA
GetModuleFileNameA
lstrcmpiA
GetSystemDefaultUILanguage
CreateRemoteThread
GetStringTypeW

Exports

Exports

?OnbozUdnLovTwg@@YGKH@Z
?DktCfOqfJsoiqzcmhmjm@@YGHPAI@Z
?EkrVgukpwggaf@@YGPAMMI@Z
?UporbmvwopgifdmdHqOmgy@@YGPAJKPAF@Z
?Lxrlpsrttvbswn@@YGIEF@Z
?_IpWjftkqmivJbGwtdsgpo@@YGGPAKI@Z

Sections

.itext
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a26a1412ce9bc5b92710946f7c97ea9f

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

comdlg32

gdi32

kernel32

Exports

Exports

Sections

.itext Size: 20KB - Virtual size: 20KB

.text Size: 6KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 20KB - Virtual size: 20KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 1KB