ff7610c6bd197836fe627c73868f1d3c_JaffaCakes118

General

Target

ff7610c6bd197836fe627c73868f1d3c_JaffaCakes118
Size

173KB
MD5

ff7610c6bd197836fe627c73868f1d3c
SHA1

37c2d09aeb4ab1ebbcf783e66b8a0d63e51a8873
SHA256

7860c0a2ee26fe52950b261176fe6268444f36d634aefb432cb4f97a3685dcb6
SHA512

c650ec4498bc190a80a25c7d86947526335acb62b2ef1babc27f3c0ee3144e98e3274e0fc0d82f6d7c83abb66bab38cd27d661e42bfb3585b1ad7c80ac1f52c6
SSDEEP

3072:SqZLBRcAWHQjvN6gvrYaYhty4DjC7enN8AAFabdRZXROTuoHcZVT:7RBRFWw6gvMRhdDjC70ambjZYTuWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff7610c6bd197836fe627c73868f1d3c_JaffaCakes118

Files

ff7610c6bd197836fe627c73868f1d3c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bde08e718a40235eaafdde683d531c1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\oijm\RipMum\fjekCdHw.pdb

Imports

comdlg32

FindTextW
GetOpenFileNameA
GetSaveFileNameW

kernel32

IsValidLanguageGroup
GetModuleHandleW
IsBadReadPtr
lstrlenA
EnumResourceNamesA
SetFilePointer
lstrcmpA
GetTickCount
GetSystemDefaultLCID
GetProcAddress
SetLocalTime
GetLocaleInfoA
CompareFileTime

user32

IntersectRect
SetScrollPos
CheckMenuItem
ClientToScreen
GetSubMenu
MonitorFromPoint
DialogBoxParamA
DestroyCaret
GetForegroundWindow
GetClassLongW
GetWindow
GetSysColor
LoadCursorW

gdi32

MoveToEx
PtVisible
GetDIBits
DeleteDC
LPtoDP
IntersectClipRect
GetTextMetricsA

Exports

Exports

?jxjNLehsFVQciy@@YGXPADG@Z
?ueKmYorrf@@YGPAJPAJ@Z
?lpNviagrtzOcVjdVjREfFG@@YGN_NE@Z
?avjBhCLITfeelxQQkly@@YGFPAE@Z
?jtfwOwzahFntO@@YGPAHHI@Z
?cFtlzRuBvhuiyK@@YGGPAHI@Z
?gBvbmbqheUrtIgoFyup@@YGPANKE@Z

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 327B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bde08e718a40235eaafdde683d531c1d

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 2KB - Virtual size: 82KB

.crt Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 327B

.rsrc Size: 145KB - Virtual size: 145KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 2KB - Virtual size: 82KB

.crt
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 327B

.rsrc
Size: 145KB - Virtual size: 145KB

.reloc
Size: 2KB - Virtual size: 1KB