172503e786c314ff3b8e05b48498010b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

172503e786c314ff3b8e05b48498010b_JaffaCakes118
Size

104KB
MD5

172503e786c314ff3b8e05b48498010b
SHA1

3c1d79d0238f8d5baccfa9dc891a3998c3d33569
SHA256

226881d90d6aec76168ddeb19f2bbbb4b3e9c6993a11be1b15935a93ece7e67b
SHA512

705e5ff9db916f8f0879b44cf6034f7c8d3c645801757f94352a90f760cd94b3d4ff85d4f7616bc301519521bb1be9c2bd5de58194492037881e4152270f30f5
SSDEEP

1536:pnK6OqJMRmPgX5SSwuXOzQXgk+XYc51Cb2UcFQRfIckmGB7O:pJOGMVXCCOUXyN54sGRgBmG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
172503e786c314ff3b8e05b48498010b_JaffaCakes118

Files

172503e786c314ff3b8e05b48498010b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cc92158c3ea56ecec2da2c6063d4e982

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\ffyvj\OPeP\cccD\iPilk.pdb

Imports

kernel32

GetThreadLocale
VerifyVersionInfoW
ConvertDefaultLocale
GetCommandLineA
GetProcAddress
GetModuleHandleW
FlushViewOfFile
CreateEventW
CloseHandle
GetSystemDirectoryW
LockFile
SuspendThread
GetModuleHandleA
TerminateThread
GetTickCount

gdi32

RealizePalette
CreateBrushIndirect
PathToRegion
SetStretchBltMode
SetBitmapDimensionEx
GetTextExtentPointA
CreateRectRgnIndirect
SaveDC

comctl32

ImageList_Draw
ImageList_Create
ImageList_Write
ImageList_ReplaceIcon

user32

GetUserObjectInformationW
MenuItemFromPoint
GetWindow
GetClassLongA
GetDlgItemTextA
wvsprintfA
ValidateRect
LoadCursorW
MessageBoxW
ReplyMessage
IsCharAlphaW
PostThreadMessageW
GetMenu

Exports

Exports

?mayGgbvlJ@@YGXM@Z
?vxxnnXqvluqQksmsdNuxw@@YGIID@Z
?aggJtfF@@YG_NPAE@Z
?wsyxYmkpfctAm@@YGPAIPAM@Z
?bacMnLSctBxh@@YGXPAG@Z
?LrDuSGFxrLCwuxrhQr@@YGEN@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 267B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc92158c3ea56ecec2da2c6063d4e982

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comctl32

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 14KB

.edata Size: 512B - Virtual size: 267B

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 76KB - Virtual size: 76KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 14KB

.edata
Size: 512B - Virtual size: 267B

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 76KB - Virtual size: 76KB

.reloc
Size: 2KB - Virtual size: 2KB