19e10d00e107f7be37ed14d1e7a788ad_JaffaCakes118

General

Target

19e10d00e107f7be37ed14d1e7a788ad_JaffaCakes118
Size

106KB
MD5

19e10d00e107f7be37ed14d1e7a788ad
SHA1

d4a6e2b632221d51e4771499db06d267d63de2c1
SHA256

b5eff1a31dc5380c352b07e054087ae526aa8f3b00cb8f5a91849036a63b8993
SHA512

1694321b53954eb192c23c013ef814ea0a7872c223993af1eba19c1ac1017075d08e9a70e195c1428ed07a7101457cbc6480595009ba471985a890a30e16717e
SSDEEP

1536:ZOz1VrxqlMqHWqmJModHXmPgX5SCxb2gLf2ToSQBjtAlvbQW9+s++Szc8vJNd1:ZwQ64gMohX92gLZSQ2ll9n++SAUNd1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19e10d00e107f7be37ed14d1e7a788ad_JaffaCakes118

Files

19e10d00e107f7be37ed14d1e7a788ad_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2c8821c70097f5a1d0d1715fb06abb11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

L:\bkwKzyG\qdseasm\LHtl\bmle.pdb

Imports

gdi32

CreatePenIndirect
CreateBrushIndirect
CreateRoundRectRgn
StretchBlt
GetDeviceCaps
SetTextAlign
ExtFloodFill
SetDIBitsToDevice

user32

ModifyMenuW
GetMenu
GetClassLongA
LoadStringA
TrackPopupMenuEx
CopyRect
OpenInputDesktop
LoadCursorW
ChangeMenuW
MenuItemFromPoint
GetClassLongW
ShowWindow
GetWindow
CheckMenuRadioItem

comdlg32

GetOpenFileNameA
GetSaveFileNameA
FindTextW

kernel32

GlobalFlags
CancelWaitableTimer
ReleaseSemaphore
GetThreadLocale
GetCurrentThreadId
GetProcAddress
CreateEventW
CloseHandle
WinExec
GetTickCount
GetModuleHandleW
GetModuleHandleA
SetThreadContext

Exports

Exports

?SvjvkWMJHCwhCSe@@YGMKI@Z
?ubxCaakaltYvTZldh@@YGKM@Z
?uHfJtokkkhlxslcJqo@@YGPADPAJ@Z
?bYaqivxuPwnxjBwXzxKf@@YGJFPAG@Z
?bisrtOjhwXvoxcz@@YGPAXPAIJ@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 255B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c8821c70097f5a1d0d1715fb06abb11

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 2KB - Virtual size: 14KB

.edata Size: 512B - Virtual size: 255B

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 2KB - Virtual size: 14KB

.edata
Size: 512B - Virtual size: 255B

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 2KB - Virtual size: 1KB