197a1c9b5edd44c54b7e6a48ebefd0f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

197a1c9b5edd44c54b7e6a48ebefd0f1_JaffaCakes118
Size

158KB
MD5

197a1c9b5edd44c54b7e6a48ebefd0f1
SHA1

2dec4fc894c04cc64fea168c59ec938d60fbada8
SHA256

3f056895d2eb3656e2c2c6f17546dcca0ead021f723f6824005459206c0aa833
SHA512

0e818268b33f82e8c6cb8440475d523c90474a4f50219667fd71dc92388a77ce69f51e3873779afb62fc1c0084df37d4cb62c0de0d45d0810f8ec3a5299703b8
SSDEEP

3072:pgTmvSxlkVo0Oubhk6MqlNStEFWbx8Z+wnSgPJAFYkU8k:qTmvslgo0YucEFWbKs2JPWb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
197a1c9b5edd44c54b7e6a48ebefd0f1_JaffaCakes118

Files

197a1c9b5edd44c54b7e6a48ebefd0f1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

df2568e6d132a594b0c8699940cd51c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\mDooFtxbo\TomXGhOrntls\BiygqSspbigcl\SLxzLtsOOFhpFd.pdb

Imports

user32

GetForegroundWindow
GetActiveWindow
GetMenuState
GetTopWindow
FindWindowA

gdi32

GetTextFaceW
TextOutW
CreateEllipticRgnIndirect
EndDoc
SetTextColor
SetDIBits
CreateICW
SaveDC
GetMapMode
CreateDIBSection
GetObjectA

kernel32

MoveFileW
MoveFileA
AddAtomW
LoadLibraryA
MoveFileExW
CreateEventW
WaitForMultipleObjectsEx
RaiseException
VerSetConditionMask
CancelWaitableTimer
lstrcmpiW
GetOEMCP
CompareFileTime
TlsSetValue

Exports

Exports

?ToBindabl

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ghgg
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ghg
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jkuid
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hghg
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fvgvb
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df2568e6d132a594b0c8699940cd51c0

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 147KB - Virtual size: 146KB

.ghgg Size: 512B - Virtual size: 121B

.ghg Size: 512B - Virtual size: 32B

.jkuid Size: 512B - Virtual size: 32B

.hghg Size: 512B - Virtual size: 32B

.fvgvb Size: 512B - Virtual size: 32B

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 147KB - Virtual size: 146KB

.ghgg
Size: 512B - Virtual size: 121B

.ghg
Size: 512B - Virtual size: 32B

.jkuid
Size: 512B - Virtual size: 32B

.hghg
Size: 512B - Virtual size: 32B

.fvgvb
Size: 512B - Virtual size: 32B

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB