276b7a74a2176ac41777c3ebbf3900cf_JaffaCakes118

General

Target

276b7a74a2176ac41777c3ebbf3900cf_JaffaCakes118
Size

69KB
MD5

276b7a74a2176ac41777c3ebbf3900cf
SHA1

5c7a3e08d3d8fe1249178fdc33c1c6541d8d0042
SHA256

748bd3c1f2fb86332f5337326dfc489c1a0b14a7f934aea225bf45a9f9ccf587
SHA512

04de372f9b7c92259939e09b964ee9b935bb99cf4b1dc17b910956ad4c50a4006b57f142b164ce4a94366e5bac5a7c3c1f62052099e174b10c320865d83ac244
SSDEEP

1536:4nCkq0L1HzWQuznecDjVxM5nOoGzsNGygGdTBU/CY69JaOTl2gca:4Ckq0LpzZsnXDjM5nOoGzsfd+C3ac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
276b7a74a2176ac41777c3ebbf3900cf_JaffaCakes118

Files

276b7a74a2176ac41777c3ebbf3900cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f45ce71113745d1090bbc35c7ceac797

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

keybd_event
GetSysColorBrush
FindWindowA
GetDlgCtrlID
GetWindowRect
SetFocus
DestroyMenu
GetMessageW
GetMenu
CreateIconIndirect
CreateIconFromResource
GetClassNameW
GetCursor
InternalGetWindowText

ntdll

memset

gdi32

TextOutW
GetClipBox
GetTextExtentPoint32A
RemoveFontResourceW
GetLayout
CreateSolidBrush
CreateRectRgn
CreateDiscardableBitmap
DeleteDC
DeleteObject
RealizePalette

kernel32

GetACP
GetStringTypeW
FindResourceA
OpenFileMappingW
FindClose
FindNextFileA
GetModuleHandleA
FileTimeToLocalFileTime
GetFileTime
GetDateFormatW
GetCommProperties
GetAtomNameW
LoadLibraryW
lstrcatA

shlwapi

PathBuildRootA
PathFindFileNameA

Exports

Exports

_WxpgIqqh_uoozdijxv_v@12
_YtlEfywmd_Anktursy@4
_KpvpzKlq_uvtplqa@16
_Qkrtftox_Nnscxwl_yfljm@16
_Dzrdyibw_cisxVwxr_mks@4

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f45ce71113745d1090bbc35c7ceac797

Headers

File Characteristics

Imports

user32

ntdll

gdi32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 10KB - Virtual size: 82KB

.data Size: 1KB - Virtual size: 1KB

DATA Size: 37KB - Virtual size: 37KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 10KB - Virtual size: 82KB

.data
Size: 1KB - Virtual size: 1KB

DATA
Size: 37KB - Virtual size: 37KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB