1bcad17db49e1d0606092e24f2fa6263_JaffaCakes118

General

Target

1bcad17db49e1d0606092e24f2fa6263_JaffaCakes118
Size

186KB
MD5

1bcad17db49e1d0606092e24f2fa6263
SHA1

09779045e5cda6b6330f2f533316178c5a9e6c46
SHA256

4f96f615f454aeaa9cb734c01d86ed6d8712fb297284aedf3d6206f0eaef62f4
SHA512

32b3e0a94fd91e17c53bde88a1eab983d4ce77683603d067bb85957f8e1d8a093b655420f4db307c0b8f3bca7584b6b6d91540266badcd4048600bec6a1bdb54
SSDEEP

3072:QxJ7EuKpdBVbmx4VcQd+KXKZJibSzC2vBrVayI7IJMgnAez:0RE/dsxyl1XKZwbKayIaMBez

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1bcad17db49e1d0606092e24f2fa6263_JaffaCakes118

Files

1bcad17db49e1d0606092e24f2fa6263_JaffaCakes118
.exe windows:5 windows x86 arch:x86

64ae0b117951b94905da6803fdf5e402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\yuJkjJL\nidzre\pexsXvv\dsGKo\xphge.pdb

Imports

comctl32

ImageList_Remove
ImageList_Write
ImageList_Draw
ImageList_Read

user32

DefWindowProcW
AdjustWindowRect
CharToOemW
GetMenu
EndMenu
CheckMenuRadioItem
GetKeyboardLayoutList
GetScrollRange
SetScrollPos
DeleteMenu
LookupIconIdFromDirectory
GetUserObjectInformationA
wsprintfW
FindWindowW

gdi32

StretchDIBits
GetWindowOrgEx
RemoveFontResourceW
WidenPath
SetRectRgn
Ellipse
CombineRgn
GetObjectW
PolyBezier

shlwapi

StrCatBuffW
PathGetArgsW

kernel32

CreateNamedPipeA
OpenFileMappingA
SearchPathA
LoadLibraryA
lstrlenW
CreateFileMappingA
GetCompressedFileSizeW
LocalFree
GetSystemWindowsDirectoryA
SetPriorityClass
WinExec
SetHandleInformation
WaitForSingleObject
FindCloseChangeNotification

Exports

Exports

?ewrzzhpNavGbyLgbe@@YGXPAJD@Z
?qeacqqXyeGeLLOlccyl@@YGGI@Z
?hvymoQQWeoZQqdsbibkyug@@YGXPANPAN@Z
?jwkPbiVuy@@YG_NI@Z
?AjsfeUagdsJn@@YGFNPAM@Z
?tmbfTiiFIz@@YGPAXPAH@Z
?eRrWeuafjNEmnqeBcu@@YGPAK_NPAK@Z

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64ae0b117951b94905da6803fdf5e402

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

gdi32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 40KB

.edata Size: 1024B - Virtual size: 1024B

.data Size: 6KB - Virtual size: 290KB

.rsrc Size: 133KB - Virtual size: 133KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 41KB - Virtual size: 40KB

.edata
Size: 1024B - Virtual size: 1024B

.data
Size: 6KB - Virtual size: 290KB

.rsrc
Size: 133KB - Virtual size: 133KB

.reloc
Size: 5KB - Virtual size: 4KB