3e7290f0cb41491fc3d5905074d85c9a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e7290f0cb41491fc3d5905074d85c9a_JaffaCakes118
Size

148KB
MD5

3e7290f0cb41491fc3d5905074d85c9a
SHA1

93174e5d086456aa48b85c1cca845f86846014c1
SHA256

ec58c7a9e3b224aa370443c2a5af8ef07900637144ebbfdf902e21ae439b4da8
SHA512

69ce996bdea2be1f1579f0a449e44895eefc003699578bd82a129401fda25e6561b62e334946bc2a3645ffe4f34253cb54ae1cb2906b8e02b6851a9f7a3bfdcf
SSDEEP

3072:F2KHgUovB2ifG18BYahhlmwdrfbIGADmWrCdDzxaOIOtmygftv:oKHgUoB7fG1Jad3drfMry53sOIOgv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7290f0cb41491fc3d5905074d85c9a_JaffaCakes118

Files

3e7290f0cb41491fc3d5905074d85c9a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

45e525899b61884c118d7b7f99dbc306

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\XhxrJp\pYkjIt\SZizWuXB\apmYHf\YjrWi.pdb

Imports

kernel32

UnhandledExceptionFilter
lstrlenW
GetAtomNameA
GetLocaleInfoA
GetConsoleWindow
GetThreadPriority
CallNamedPipeW
Sleep
GetThreadContext
DisconnectNamedPipe
ReadFile
ConnectNamedPipe
WaitCommEvent

comctl32

ImageList_Read
CreateToolbarEx
ImageList_GetIconSize

gdi32

SetTextAlign
SetBkColor
EnumFontFamiliesW
SetTextColor
CreateDIBitmap
GetPaletteEntries
CreateRectRgnIndirect

ntdll

_aullrem

shlwapi

StrCatChainW
StrIsIntlEqualW
UrlIsNoHistoryW

user32

IsCharAlphaNumericA
CloseDesktop
GetDoubleClickTime
DestroyAcceleratorTable
LookupIconIdFromDirectory
wsprintfW
OffsetRect
DrawAnimatedRects
InsertMenuW
MessageBoxExA
GetClientRect
DestroyWindow
GetActiveWindow

Exports

Exports

?ZHevIqQl@@YGHKD@Z
?vllCydwMMpwiX@@YGPAXN@Z

Sections

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45e525899b61884c118d7b7f99dbc306

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

gdi32

ntdll

shlwapi

user32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 512B

.code Size: 31KB - Virtual size: 30KB

.edata Size: 512B - Virtual size: 121B

.data Size: 23KB - Virtual size: 279KB

.rdata Size: 76KB - Virtual size: 76KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 512B - Virtual size: 512B

.code
Size: 31KB - Virtual size: 30KB

.edata
Size: 512B - Virtual size: 121B

.data
Size: 23KB - Virtual size: 279KB

.rdata
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 3KB - Virtual size: 2KB