282ca99ccf5fb5e8618976d478050923_JaffaCakes118

General

Target

282ca99ccf5fb5e8618976d478050923_JaffaCakes118
Size

190KB
MD5

282ca99ccf5fb5e8618976d478050923
SHA1

7bc7efa2eb48294363d9b5e36a99286570b296e6
SHA256

c28d8150bb75bd572f11be7cf01436f0bdb2c66c0d147b17a3d9e81802eb16e9
SHA512

af1598d79ca3657228952dcd759806ea2ceaa913f1d0a69f454e3e60ecc0331236a6a621e447bd56cdd77d322f615dcb3d7dde72fc9ccb918b7bbcb64db24706
SSDEEP

3072:/rV4VaHNBDUP0hf56aIrq3eI9kaUXoHNGaBfVzXQ+E74CeqTrDZxd:5iazBhQ1CNUXrcN0+EHeADZx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
282ca99ccf5fb5e8618976d478050923_JaffaCakes118

Files

282ca99ccf5fb5e8618976d478050923_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0f975919b85c17cc6ee4679291bba939

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\uejlpadG\hparSIUu\HxWMhbno\HldyUc.pdb

Imports

user32

VkKeyScanW
GetClientRect
HideCaret
FrameRect
GetCaretBlinkTime
ClipCursor
MapVirtualKeyExA
GetForegroundWindow
DispatchMessageW
GetFocus
LockWindowUpdate
GetKeyState
GetCaretPos
SetScrollPos

ntdll

_vsnprintf

gdi32

CreateFontW
CreateRectRgnIndirect
WidenPath
Polygon
CreateHalftonePalette
RectVisible
SetROP2

shlwapi

PathRemoveArgsW
ChrCmpIW

kernel32

WaitCommEvent
CreateFileA
FindResourceW
GlobalSize
ClearCommBreak
ResetEvent
FindFirstFileW
OpenMutexA
OutputDebugStringA
lstrcmpW
SetThreadExecutionState
IsBadReadPtr
GetBinaryTypeA
FileTimeToSystemTime

Exports

Exports

?QnRdFrgvRmrNumQQz@@YGGKPAH@Z
?yApjexaeblquqmX@@YGHFN@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f975919b85c17cc6ee4679291bba939

Headers

File Characteristics

PDB Paths

Imports

user32

ntdll

gdi32

shlwapi

kernel32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 512B

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 59KB - Virtual size: 59KB

.data Size: 87KB - Virtual size: 159KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.itext
Size: 512B - Virtual size: 512B

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 59KB - Virtual size: 59KB

.data
Size: 87KB - Virtual size: 159KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB