2fb6e6c856f2bb7eb38a0fabbb04fa4a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fb6e6c856f2bb7eb38a0fabbb04fa4a_JaffaCakes118
Size

116KB
MD5

2fb6e6c856f2bb7eb38a0fabbb04fa4a
SHA1

09c9c00694565fb8a54be0e996a118410121d4df
SHA256

aefd4e2547956482be100fc18cbe97782c7754acbe8f3b5db2a1254f2fb64f9f
SHA512

4c6209cad64fdcb59751e2294582cab63817a5b68ab055976bb93b432783c39792081077393361b5c0b2579fb6820e5ce25f5eb2c4f5f8e79ececc18f315502f
SSDEEP

3072:68XF9SfJJhM80fiP9T1FdToIVInjQ4OSUhQkAZISiEMMl+QE:6mFAhkfeFdMeezOxEZPoM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fb6e6c856f2bb7eb38a0fabbb04fa4a_JaffaCakes118

Files

2fb6e6c856f2bb7eb38a0fabbb04fa4a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cab510d38ca67eab94dcfcdd9babae9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\jhlpP\nKMpv\uKcl\xivXnhm.pdb

Imports

shlwapi

StrSpnW
StrToInt64ExW
PathCanonicalizeW

user32

GetKeyNameTextW
InvertRect
InternalGetWindowText
MapVirtualKeyExW
DeferWindowPos
InvalidateRgn
GetClassInfoA
GetMenuState
GetClipboardData
CopyImage
GetClipCursor
DrawIcon

gdi32

CreateFontIndirectW
RectInRegion
CreateRectRgnIndirect
GetTextCharsetInfo
CreateDIBitmap

msvcrt

exit

kernel32

ExitProcess
SetFileAttributesA
MoveFileExW
UnhandledExceptionFilter
MoveFileA
GetSystemWindowsDirectoryA
LocalLock

Exports

Exports

?_iwgcowqkDTJB_K@@YGXPAK@Z
?QHP_VWg__BAXu_weTINXJN@@YGXN@Z
?ruBhzbzk_w@@YGXF@Z
?Y_rjtz_r__@@YGPAIGI@Z
?ZTD___SRN_UV_Md@@YGPAIPAJI@Z
?IPL___BZduvkneoLLigq@@YGNGPAH@Z
?tcruqFGMZ_WztccECP_tq@@YGEE@Z
?pk__ax___wKGRNVYZP__TH@@YGNPANK@Z
?voh_qnGN___HI_D_@@YGMPA_NF@Z
?buufha_dtOH@@YGPADJ@Z
?ADVEWBhzjt_JSx__lqV@@YGPAMDI@Z
?wwz_x_jjhjhb_@@YGNPAGF@Z
?SSDB__V_ihYERE@@YGKDPAM@Z
?_yM_oqN_SLJWYOGR@@YGGHD@Z
?JBGCEDFBV_UFM@@YGPAEPAK@Z

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cab510d38ca67eab94dcfcdd9babae9d

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

gdi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 45KB

.data Size: 33KB - Virtual size: 153KB

.rdata Size: 20KB - Virtual size: 20KB

.pdata Size: 10KB - Virtual size: 9KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 45KB

.data
Size: 33KB - Virtual size: 153KB

.rdata
Size: 20KB - Virtual size: 20KB

.pdata
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB