0cea21ec502d0cc840e6c32f33924efe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0cea21ec502d0cc840e6c32f33924efe_JaffaCakes118
Size

182KB
MD5

0cea21ec502d0cc840e6c32f33924efe
SHA1

d5d304196ae033608915aae3eb91faab31679e1d
SHA256

599625d9dde0bb2ff6ac68bb086f044edc80eac272d291c56f8f0058b0bc55a1
SHA512

515ea73bfd8254f782cfe955296df5ace3bccda2026e7a59a4394fee24b32f17abfe25bf58756de6d5b46242322d56176a2e16655b89fbf42876ebe021551564
SSDEEP

3072:zKD46amJl7DbD8DiVv3LPWWSgl47RiAjTOHm8zffUlhUk:eDlauHTRTLRl47ncmrlh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cea21ec502d0cc840e6c32f33924efe_JaffaCakes118

Files

0cea21ec502d0cc840e6c32f33924efe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f6d51ad9d1bd06e56c19a248a7757235

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\uvfShbN\hfvgLd\bbecIz\mklEv\iymEet.pdb

Imports

comdlg32

GetOpenFileNameA
PrintDlgW
ReplaceTextW

msvcrt

exit

kernel32

GetCurrentThread
GetLocaleInfoA
CreateMailslotW
IsBadWritePtr
SetTimerQueueTimer
EnumResourceLanguagesA
ExitProcess

user32

GrayStringW
LoadMenuA
GetMenuItemID
CallWindowProcW
SetUserObjectInformationW
SendMessageTimeoutW
GetIconInfo
PostThreadMessageW
RegisterClassA
FrameRect
IsWindowUnicode
RegisterClassW

shlwapi

PathMakePrettyA
PathCanonicalizeW
StrSpnA

gdi32

GetBkMode
GetPixel
EnumFontFamiliesExW
EndDoc
CreateRectRgnIndirect

Exports

Exports

?H_YPNEQ_LDZ@@YGPAIPAEG@Z
?xWML_VV@@YGME@Z
?OM_E_RZLIUAhrmyU@@YGM_NF@Z
?_ktt_d__gsqZa@@YGJPAEG@Z
?DT__OXTqSY@@YGFPAI@Z
?_QIERYlgwa@@YGPAEIJ@Z
?Euqq_QOJPIBQILY@@YGGPAM@Z

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.r_dat
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6d51ad9d1bd06e56c19a248a7757235

Headers

File Characteristics

PDB Paths

Imports

comdlg32

msvcrt

kernel32

user32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 53KB

.r_dat Size: 11KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 376KB

.rdata Size: 35KB - Virtual size: 35KB

.pdata Size: 22KB - Virtual size: 21KB

.rsrc Size: 53KB - Virtual size: 52KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 53KB

.r_dat
Size: 11KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 376KB

.rdata
Size: 35KB - Virtual size: 35KB

.pdata
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 53KB - Virtual size: 52KB

.reloc
Size: 2KB - Virtual size: 1KB