0c59ffc34a7cf78cd83e53e35e4e0037_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c59ffc34a7cf78cd83e53e35e4e0037_JaffaCakes118
Size

41KB
MD5

0c59ffc34a7cf78cd83e53e35e4e0037
SHA1

7e2c3848744646718d27b4f1b30ad0863f173f0c
SHA256

bad56374acb2709aea08477e34f4cdaa6fa649ade7bf67cadd64f270230797a9
SHA512

480da01592c26abe28b9fdb67a8637d63428673578561d393941f92818626704a7a8fb5deac77f7beef888b0cfa42c942a69e49e0754949c6d324a80115291a8
SSDEEP

768:iHolD2GfNO52v25M/oxQdSFLKzeZXSXlfN47G4afcNP0fZ0qSRPf:iHodfNO5L569sFLKzU8G7G4abSdf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c59ffc34a7cf78cd83e53e35e4e0037_JaffaCakes118

Files

0c59ffc34a7cf78cd83e53e35e4e0037_JaffaCakes118
.exe windows:5 windows x86 arch:x86

190d0debf59c8e614de7fe641b2920ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\YNzYj\uhhn\GdSray\ADExmcOc.pdb

Imports

user32

MapVirtualKeyExW
GetWindowContextHelpId
DrawTextA
RegisterWindowMessageA
GetActiveWindow
IsRectEmpty
GetWindow
GetDesktopWindow
DefWindowProcA
AdjustWindowRectEx
GetWindowLongA
GetParent
SystemParametersInfoW

gdi32

StretchBlt
CreateEllipticRgnIndirect
CreatePatternBrush
PolyBezier
CreatePenIndirect
GetTextExtentPoint32W

ntdll

memset

comctl32

ImageList_Read
ImageList_Destroy
ImageList_GetIcon

shlwapi

PathCommonPrefixW
PathCanonicalizeW
ord155
StrCSpnIA
PathRemoveFileSpecW

kernel32

GetLocaleInfoW
LocalReAlloc
CreateFileMappingA
GetThreadContext
ExitProcess
FileTimeToDosDateTime
GetUserDefaultLangID

Exports

Exports

?ryhfnkvyivtlydh@@YGKGPAF@Z
?omiWyAllmxjnlfg@@YGPAXH@Z

Sections

.text
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

190d0debf59c8e614de7fe641b2920ae

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

ntdll

comctl32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 164B

.code Size: 24KB - Virtual size: 23KB

.data Size: 10KB - Virtual size: 10KB

.rdata Size: 1024B - Virtual size: 1024B

.edata Size: 512B - Virtual size: 128B

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 164B

.code
Size: 24KB - Virtual size: 23KB

.data
Size: 10KB - Virtual size: 10KB

.rdata
Size: 1024B - Virtual size: 1024B

.edata
Size: 512B - Virtual size: 128B

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB