3408f0e6a3060f6683751814bf1349b6_JaffaCakes118

General

Target

3408f0e6a3060f6683751814bf1349b6_JaffaCakes118
Size

174KB
MD5

3408f0e6a3060f6683751814bf1349b6
SHA1

7402f52e637e6ae396cda1533bc54431931c39d8
SHA256

42dfcac28d410e3496c78f15c892ff14938479d7de0f94dc58483d3035a9fb06
SHA512

0e1dc1dc3c52cb918bb5a4cbd330437c8587dea6a53ac9d53008ebe9fe84bb621a410315df11d114c2ceff8334299902437036e5a0f63ee9f8f20ad7aafafa78
SSDEEP

3072:YpSfMMRWkcXCiZNRL2EGYFls8LVfCNNZAriX5z2EUHxLQhXXebz4:gllZuEhrLVfwNZTJz2DJye/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3408f0e6a3060f6683751814bf1349b6_JaffaCakes118

Files

3408f0e6a3060f6683751814bf1349b6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a8918efcffad430fcd918c8529562c43

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\zlmucixH\padqaFjv\ecogp\Fkmj.pdb

Imports

user32

GrayStringW
OpenIcon
GetMenu
ShowWindowAsync
MenuItemFromPoint
LoadCursorW
DialogBoxIndirectParamW
GetWindow
MessageBoxExW
IsWindowEnabled
IntersectRect
ShowCursor
GetClassLongA

gdi32

EnumFontsW
GetTextExtentPointA
CreateRectRgn
GetROP2
CreateDIBitmap
CreatePatternBrush
SetROP2
CombineRgn

comctl32

ImageList_ReplaceIcon
ImageList_Create
DestroyPropertySheetPage
ImageList_Write

kernel32

CreateEventW
GetProcAddress
VirtualQuery
RegisterWaitForSingleObject
VirtualProtect
CloseHandle
AddAtomW
GetThreadLocale
GetTickCount
GetLastError
GetModuleHandleW
GetModuleHandleA
AddAtomA

Exports

Exports

?dLGbuVunkqPwf@@YGKHPA_N@Z
?yJbOsketyMM@@YGHPADG@Z
?lcKpxbmqoBItPryFv@@YGGJ@Z
?incerxczpJneK@@YGPA_NPADPAD@Z
?dkxzsEbqaxGoyr@@YGDM@Z
?nbitkoixTMsr@@YGXJH@Z

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 273B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8918efcffad430fcd918c8529562c43

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 2KB - Virtual size: 82KB

.edata Size: 512B - Virtual size: 273B

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 146KB - Virtual size: 146KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 2KB - Virtual size: 82KB

.edata
Size: 512B - Virtual size: 273B

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 146KB - Virtual size: 146KB

.reloc
Size: 2KB - Virtual size: 2KB