1c3405cbc7ae0bcd42fa4a0e50dd2edc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c3405cbc7ae0bcd42fa4a0e50dd2edc_JaffaCakes118
Size

74KB
MD5

1c3405cbc7ae0bcd42fa4a0e50dd2edc
SHA1

00f5e2aee586e0994f775eecfab23eb0a85b2b24
SHA256

11e0c633d01682c979a9ad540b9e1fb6d999384570dfc759b11e6777b8775a25
SHA512

f3705ef58e9d465561c3199130b26e468f145f3886cd55a8ba49e7ba5eee382be4d34f5e9aabbfea7a9c7a2fdbead177f44fcd4d38bbe7f584e32835910838f8
SSDEEP

768:qNjG4lDDe0ObeXAkRBNlNAaQHdQG1MujG/cYgug/+j1mmiR78B3VTlQS3jpeXGxx:4Je0ObAR7SxmcYPg0Qd0hlEpt8U47

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c3405cbc7ae0bcd42fa4a0e50dd2edc_JaffaCakes118

Files

1c3405cbc7ae0bcd42fa4a0e50dd2edc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8781f2bafa0a5bf0ee908d31a5da8832

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\AtweD\malvRkll\cezmSu.pdb

Imports

user32

SetParent
UnloadKeyboardLayout
CharUpperW
InSendMessageEx
GetScrollPos
GetWindowRect
MapVirtualKeyA
GetClassNameW
PostThreadMessageW
DrawFrameControl
CharToOemBuffA
EnableMenuItem
IsWindowUnicode
LoadIconA

ntdll

_stricmp
memset

shlwapi

PathMakePrettyW
StrSpnA

kernel32

FileTimeToSystemTime
GetCurrentThreadId
ExitProcess
OpenFileMappingW
GetLocalTime
SetSystemTime
InterlockedExchangeAdd
InterlockedExchange
lstrlenA
OpenFileMappingA
GetCurrentProcessId

gdi32

EnumFontsW
GetCurrentObject
ScaleViewportExtEx
SelectPalette
CreateFontIndirectW
SaveDC

Exports

Exports

?_tp_q_cu_I_tmj_v_v@@YGIJ@Z
?KKY__VFI@@YGXK@Z
?P_JytmucRnihfr__@@YGEJF@Z
?CSERPi_XMVWQJUYN@@YGKJPAN@Z
?HI_VswOZ@@YGPAFPAF@Z
?H___LWOOBBX_SZGX_d@@YGKPAGPAI@Z

Sections

.code
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 346B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8781f2bafa0a5bf0ee908d31a5da8832

Headers

File Characteristics

PDB Paths

Imports

user32

ntdll

shlwapi

kernel32

gdi32

Exports

Exports

Sections

.code Size: 23KB - Virtual size: 22KB

.data Size: 28KB - Virtual size: 96KB

.rdata Size: 10KB - Virtual size: 10KB

.edata Size: 512B - Virtual size: 346B

.import Size: 1024B - Virtual size: 948B

.rsrc Size: 9KB - Virtual size: 12KB

.reloc Size: 1KB - Virtual size: 1KB

.code
Size: 23KB - Virtual size: 22KB

.data
Size: 28KB - Virtual size: 96KB

.rdata
Size: 10KB - Virtual size: 10KB

.edata
Size: 512B - Virtual size: 346B

.import
Size: 1024B - Virtual size: 948B

.rsrc
Size: 9KB - Virtual size: 12KB

.reloc
Size: 1KB - Virtual size: 1KB