3b0c3e768e42b698e3d67503463ee642_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b0c3e768e42b698e3d67503463ee642_JaffaCakes118
Size

98KB
MD5

3b0c3e768e42b698e3d67503463ee642
SHA1

c61527cdc6bf546375fae79180eaeb83acc19fc0
SHA256

27b8ad8750d96d71c5272b1777260835b72acd4f5f1aa7cce60104a93429064c
SHA512

938dc30b77bb72b1b89eece32c9508bdd47c4489d02cf5d1106f4a7b71f70a7241b8fcb53892e34acd8b587181c5593ee8ff63ff74c2654ce29e2a22319021f5
SSDEEP

1536:ZH0ocUUtl2P9TTp2LDbHEbSE4bHvrVjli1yHveFx3vf+Nrmoc8:+ocNl2PxsLDbpE4bHzVMyHvefc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b0c3e768e42b698e3d67503463ee642_JaffaCakes118

Files

3b0c3e768e42b698e3d67503463ee642_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dff06c7e06368b137bb4050bb2f14d7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\pXBsoj\iucrmplw\WdeCa\xMoE.pdb

Imports

gdi32

GetPaletteEntries
SetViewportExtEx
Ellipse
GetBkMode
GetClipBox
CreatePolygonRgn
PolyBezier
SelectPalette

kernel32

EnterCriticalSection
GetOEMCP
FreeLibrary
GetComputerNameW
IsValidLocale
GetLocaleInfoW
GlobalAlloc
SetHandleInformation
lstrcpyA
GetModuleHandleA
LoadLibraryW
lstrlenW
EnumSystemLocalesA
GetSystemDefaultUILanguage

shlwapi

PathIsUNCW
StrCmpNIW

user32

IsCharAlphaA
GetWindowTextLengthA
SendMessageTimeoutW
wsprintfW
GetDCEx
GetWindowTextLengthW
GetMenuItemCount
SendMessageTimeoutA
ScreenToClient
EqualRect
CheckDlgButton
IsDialogMessageW

Exports

Exports

?eiBalGkhVj@@YGPAEPAM@Z
?iPieoOantpbKrJj@@YGJPAEM@Z
?rosrPsLicyaxlrybRS@@YGDM@Z

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dff06c7e06368b137bb4050bb2f14d7e

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

shlwapi

user32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 167B

.xdata Size: 64KB - Virtual size: 64KB

.data Size: 7KB - Virtual size: 71KB

.pdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 167B

.xdata
Size: 64KB - Virtual size: 64KB

.data
Size: 7KB - Virtual size: 71KB

.pdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB