2ce6168e29b1b368c9b4a55b235143ed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ce6168e29b1b368c9b4a55b235143ed_JaffaCakes118
Size

2.9MB
MD5

2ce6168e29b1b368c9b4a55b235143ed
SHA1

79bacd2c18ea611c85e922f18766b92ece85738a
SHA256

8b40c590dd8f86d12ccbb5d4fef8e0f886cfd623241895799990c86cc2d44124
SHA512

ff2ebace3298c8113c9d35cee280c6f80c1b418a394689d7fc1e16b3da1895b4fb0bfa2b86d80a76ac9a5192a6f8a6b5cc11466ca611aadec66a2ecf1348596f
SSDEEP

49152:7pIR/XZ6cTD60l6esN1QEn+4feSOVZPz1qh0jfdjdiWvocx6E9fIdGk6o7yd7NW:7pIRvpTD6O6DQEn/ferNz1Nt5B9fEpPn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ce6168e29b1b368c9b4a55b235143ed_JaffaCakes118

Files

2ce6168e29b1b368c9b4a55b235143ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da87961e627b1586bbed671ef33b3ce3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\lzmgvpFq\xxomkJnyb\wogAXBo\ljPmXUcgbv.QcT

Imports

comctl32

CreatePropertySheetPageA
ImageList_Remove
CreateToolbarEx
ImageList_GetIconSize

gdi32

BitBlt
CreateFontIndirectA
CreatePolygonRgn
TranslateCharsetInfo
TextOutA
OffsetViewportOrgEx
Ellipse
IntersectClipRect

ole32

CoTaskMemAlloc
CoTaskMemFree

shlwapi

StrCatBuffW

user32

SetRect
SetMenuDefaultItem
DialogBoxIndirectParamA
MonitorFromRect
wsprintfW
RemovePropW
GetCaretPos
CreatePopupMenu
GetClassLongA
GetWindowTextW
DefFrameProcW
RegisterClassExA
ShowCursor

comdlg32

GetOpenFileNameW
PrintDlgW

kernel32

GetFileAttributesExA
GetAtomNameA
VerifyVersionInfoW
VirtualProtect
DeleteFileW
GlobalMemoryStatus
CreateMailslotW
FileTimeToDosDateTime
UnhandledExceptionFilter
CompareStringA
GetComputerNameExW
ClearCommBreak

Exports

Exports

?GnPRDgbbAl@@YGIDPAK@Z
LoviatqjluptseOnfbuxP
ItyXmlhknwfdrQsa
Qxjgqtc
_PwFnvpsnkzqw
BeIyysnIcgbehamjmw

Sections

.itext
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da87961e627b1586bbed671ef33b3ce3

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

ole32

shlwapi

user32

comdlg32

kernel32

Exports

Exports

Sections

.itext Size: 18KB - Virtual size: 17KB

.text Size: 5KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 7.2MB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.reloc Size: 3KB - Virtual size: 2KB

.itext
Size: 18KB - Virtual size: 17KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 7.2MB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

.reloc
Size: 3KB - Virtual size: 2KB