218fd32784bb1e9676703aa652489623_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

218fd32784bb1e9676703aa652489623_JaffaCakes118
Size

112KB
MD5

218fd32784bb1e9676703aa652489623
SHA1

ecfc30799941b4166452f2d3376546966d08c1b8
SHA256

eaa19d2fe292e4e8ac82a7f76dbb68cd77ad7d85a43b707480edc1484be65a3c
SHA512

7cb9a1b0b3c9703f464538e5dae4df2056feb51b5ae915838742b4f4b874f9fb5e5b7549e8ebca676b81b93cce014dabf33b4989b7713be2564393976e910ceb
SSDEEP

3072:NVrl2P3AV1LVvu1n0eS//Tj4wQFL4tls:3Z2vA1Jvw0v//f4F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
218fd32784bb1e9676703aa652489623_JaffaCakes118

Files

218fd32784bb1e9676703aa652489623_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9996b8bcd8d7dc5c4565e41957be7c7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\RoqRoehj\txvOI\fyyJo.pdb

Imports

kernel32

FlushViewOfFile
LoadLibraryW
GetCommModemStatus
GetTimeFormatA
GetCommProperties
LocalReAlloc
LocalSize
CompareStringW
FindFirstChangeNotificationW
SetHandleCount
lstrlenW
GlobalMemoryStatusEx
TryEnterCriticalSection

shlwapi

PathIsUNCW
StrIsIntlEqualW
StrCmpNIW

gdi32

CreateBrushIndirect
CreatePalette
PolyBezier
SetLayout
GetObjectA
CreateBitmapIndirect
CreateFontW
GetDIBColorTable
GetPaletteEntries

user32

IsCharAlphaA
DrawAnimatedRects
GetWindowTextLengthA
PostMessageA
CheckRadioButton
RegisterWindowMessageA
GetWindowTextLengthW
DestroyIcon
wsprintfW
ChangeMenuW
CallWindowProcW
SendMessageTimeoutA
GetMenuItemRect

comctl32

DestroyPropertySheetPage
PropertySheetA

comdlg32

GetOpenFileNameW
GetOpenFileNameA
CommDlgExtendedError

Exports

Exports

?VQrHlcxJ@@YGXJD@Z
?pbMyrzwmahjwRSmPai@@YGPAGPAJD@Z
?ovzmVogRSunpEoVnupIv@@YGPAXGF@Z

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9996b8bcd8d7dc5c4565e41957be7c7e

Headers

File Characteristics

PDB Paths

Imports

kernel32

shlwapi

gdi32

user32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 172B

.xdata Size: 64KB - Virtual size: 64KB

.data Size: 7KB - Virtual size: 71KB

.pdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 172B

.xdata
Size: 64KB - Virtual size: 64KB

.data
Size: 7KB - Virtual size: 71KB

.pdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 1KB - Virtual size: 1KB