16224cd982b7dc873b8f99c99243846f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16224cd982b7dc873b8f99c99243846f_JaffaCakes118
Size

188KB
MD5

16224cd982b7dc873b8f99c99243846f
SHA1

bc29c044806b77521d9242bc1ed48292c9fa9ba9
SHA256

2f21c3d40b143bf9fe07f1da05298df498a5f409fffedbade9bda470ec64fef8
SHA512

41841fed5a0ef72c8a45258500e13dc6243b49ab186d21c120f6fb3094bd498868aa305d7faf779aaa8e9511d67a0d819f72327a24c622be1e747fd1446e28bc
SSDEEP

3072:7/nB5jczWWI1JZm9gEGP5zwEfK86GOV0hzXq46upQS4wA+Q1OAErl5URqrVnRY63:TB+2JZmubR286GOV0hnX4jqAErjUSVRn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16224cd982b7dc873b8f99c99243846f_JaffaCakes118

Files

16224cd982b7dc873b8f99c99243846f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c9cbf0ae47e520ae47c70291bddf77e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\xUsbE\zzhs\Qmvo\eqbfYgtl.pdb

Imports

user32

GetUserObjectInformationW
ReleaseDC
ShowCursor
BringWindowToTop
DrawStateW
ScrollWindow
TranslateMessage
SetMenuItemBitmaps
AdjustWindowRectEx
SetForegroundWindow
DefWindowProcW
CharNextW
HiliteMenuItem
GetMonitorInfoW
PostQuitMessage
MessageBoxExA
IsZoomed
DefDlgProcW
DefWindowProcA
CharToOemW
GetSysColorBrush
SetScrollRange
GetWindowRect
UnloadKeyboardLayout
DialogBoxIndirectParamW
IsMenu
ChildWindowFromPointEx
GetSystemMenu

ole32

CoInitializeEx
CoUninitialize

gdi32

GetTextAlign
GetObjectA
PtVisible
ResizePalette
CreateFontW
GetTextCharsetInfo
AddFontResourceW
CreateDIBitmap
StartPage
GetTextExtentExPointW
EnumFontFamiliesExW
SetTextColor

comctl32

ImageList_Read
CreatePropertySheetPageA
ImageList_Write

kernel32

EnumResourceTypesA
SetMailslotInfo
IsValidLanguageGroup
GetThreadPriority
MoveFileA
DefineDosDeviceW
GetStartupInfoW
GetAtomNameA
TlsGetValue
GetUserDefaultLangID
GetTimeFormatA
GetFileType
WaitCommEvent
LoadLibraryA
GetCommModemStatus

Exports

Exports

?TsjojyB@@YGPAIK@Z
?S_YC_CD_XXUVWS_Snd@@YGXJPAJ@Z
?PWTVY_Vg__R@@YGMIPAE@Z
?qgwdckivpqvaC_@@YGPAJPAG@Z
?o_vt_snOVYQG_gjug_vb@@YGJJM@Z
?d__vfdfrzjix@@YGHFPAG@Z
?Lalv_yu_gcz_@@YGD_NH@Z

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9cbf0ae47e520ae47c70291bddf77e3

Headers

File Characteristics

PDB Paths

Imports

user32

ole32

gdi32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 33KB - Virtual size: 32KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 34KB - Virtual size: 193KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 33KB - Virtual size: 32KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 34KB - Virtual size: 193KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB