0ae7e245441563c81fcc034f0ad5d84f_JaffaCakes118

General

Target

0ae7e245441563c81fcc034f0ad5d84f_JaffaCakes118
Size

101KB
MD5

0ae7e245441563c81fcc034f0ad5d84f
SHA1

06dc90a880dfd44afe305bcc131d378c13a194e2
SHA256

b1c7afb3c07b082d26b52147c299b124333ded76e549ac47a77079a272ed0855
SHA512

51904eca5dec7bc32e88fde1d3faf938088aaa74a3b2a141f85948fb1f93314873fd4587c51bb5c0909a4c86e61b3c5059113cd12036925d729158ff5a64395c
SSDEEP

1536:T0ZQwgQ6Qh+q8QTbptn+KoAdyyjB1rmE6e0jatQ71BK+9lx9zb+AwJvlX:45/6IZptr9UylZh6e0j+Q71Pzxhb+Pt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ae7e245441563c81fcc034f0ad5d84f_JaffaCakes118

Files

0ae7e245441563c81fcc034f0ad5d84f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

55ef1b485e6005c6a24302f6b6293c81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\eeMe\pnssM\eIXpuvsx\Urhiko\xlwkn.pdb

Imports

kernel32

GlobalAddAtomA
GetTempFileNameA
GetTickCount
SetSystemTimeAdjustment
CreateEventW
GetModuleHandleW
GlobalSize
GetProcAddress
EnumResourceNamesA
GetThreadLocale
CloseHandle
GetModuleHandleA
VirtualFree
GetUserDefaultLangID

gdi32

DeleteObject
SetPaletteEntries
DeleteDC
ExtFloodFill
SetDIBits
SelectClipRgn
TextOutA

user32

ValidateRect
OffsetRect
GetClassWord
GetMenuItemID
GetMenu
GetWindow
OpenIcon
CreateMenu
TranslateMessage
ReplyMessage
GetScrollInfo
IsCharAlphaNumericW
LoadCursorA
DestroyAcceleratorTable
GetClassInfoExW

comctl32

ImageList_Create
ImageList_Write
ImageList_ReplaceIcon
PropertySheetA

Exports

Exports

?kjJhzjhaSrDJLoskBQEVyp@@YGDPAMPAN@Z
?oOchFtBtnU@@YGEEH@Z
?KosmamIfhgadpuvfMFVQd@@YGIK@Z
?raDZSijVWtlMtfFGn@@YGPAFPAM@Z
?TuHAPSi@@YGKPAI@Z

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55ef1b485e6005c6a24302f6b6293c81

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

comctl32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.edata Size: 512B - Virtual size: 246B

.data Size: 2KB - Virtual size: 14KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 75KB - Virtual size: 75KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 15KB

.edata
Size: 512B - Virtual size: 246B

.data
Size: 2KB - Virtual size: 14KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 75KB - Virtual size: 75KB

.reloc
Size: 2KB - Virtual size: 2KB