3f5763261c358aa5ae5efd41fcb63107_JaffaCakes118

General

Target

3f5763261c358aa5ae5efd41fcb63107_JaffaCakes118
Size

182KB
MD5

3f5763261c358aa5ae5efd41fcb63107
SHA1

d135d6203f8a1d10d209420114a3a407e8106644
SHA256

20c3042a8d67c750f470545c7aaddc580d08448c8d0c2e903a86506e34f69e52
SHA512

b2314a2b6f22f764990645af404a3b39e2ca92d7f910b7c87e3c0d1b28920273dfa9a258a4e8802a783843fff6a16add51ee20ca23290e8778abd7d3951a9694
SSDEEP

3072:ziC+pfner0K+M0AxApDkr+VfBWI59UM++/PURpQyNUgqaRyO:Z+pfnI0TfoApDTVJD9X++/PUDNUu0O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f5763261c358aa5ae5efd41fcb63107_JaffaCakes118

Files

3f5763261c358aa5ae5efd41fcb63107_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec83cf8f4bc1edfc67ef185644fd8cf9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\kclG\QqpWPwMx\lhapgVuj.pdb

Imports

user32

GetWindowRect
GetDCEx
GetWindowPlacement
BeginPaint
ReplyMessage
ArrangeIconicWindows
GetParent
GetAsyncKeyState
SetWindowPos
GetDesktopWindow
IsWindowUnicode
SendInput
GetWindow

kernel32

GetFullPathNameA
GetStartupInfoW
lstrcmpiW
lstrlenW
DuplicateHandle
EnumResourceNamesA
Sleep
FreeResource
GetSystemDefaultLangID
SetCommBreak
GetLocaleInfoA
GetLongPathNameW
HeapFree

gdi32

GetSystemPaletteUse
MoveToEx
GetDeviceCaps
SetAbortProc
GetTextExtentExPointW
SetDIBitsToDevice
CreateRoundRectRgn
UnrealizeObject
ScaleWindowExtEx

ntdll

_aullrem

Exports

Exports

?oJauvSOczrnwgeaLmdwf@@YGPAIPAEE@Z
?nbgKCwXVnfnHrylphF@@YGJI@Z
?ygbhYCsdsVfati@@YGPAKK@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec83cf8f4bc1edfc67ef185644fd8cf9

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

ntdll

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 19KB - Virtual size: 99KB

.new Size: 132KB - Virtual size: 132KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 19KB - Virtual size: 99KB

.new
Size: 132KB - Virtual size: 132KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 3KB - Virtual size: 2KB