3ff8d3bea3a7dcbecf2fca415844bebd_JaffaCakes118

General

Target

3ff8d3bea3a7dcbecf2fca415844bebd_JaffaCakes118
Size

171KB
MD5

3ff8d3bea3a7dcbecf2fca415844bebd
SHA1

a72f8deb8fc74f0dba4beac5853e24a9e3cf1642
SHA256

44b19366ca1943eec1ad27cb593b11fc97cb7d2a62995e53d122a727c85f5875
SHA512

aa5f6625da6676f140f431a67b2365faca4066b0d870323549783578e2e2053ee5e82981284ff32c1ba47cabfa11dd02335c202103ce637d9c9bf3fec6965cee
SSDEEP

3072:VQhPlsfGyfVMh5wk+uUxMJR8Z8kIQLFB8dgI/ic07pjJ5:VQhelfV6+uUxMsZp31Im

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ff8d3bea3a7dcbecf2fca415844bebd_JaffaCakes118

Files

3ff8d3bea3a7dcbecf2fca415844bebd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

043b2d75bf376663477d0101f9fa5da2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\nrmh\xriyUpvs\hpGn\wsOfy\vHAog.pdb

Imports

shlwapi

StrCatW

comctl32

InitCommonControlsEx
PropertySheetW
CreatePropertySheetPageW
CreateToolbarEx
DestroyPropertySheetPage

user32

GetDlgCtrlID
DestroyMenu
CopyAcceleratorTableW
ValidateRect
GetWindowLongA
GetDlgItemTextA
RemoveMenu
GetClipCursor
GetTopWindow
GetCursorPos
keybd_event
CharLowerW
LoadAcceleratorsA
LoadMenuW
DefFrameProcA
ShowWindowAsync
PostThreadMessageA
UnloadKeyboardLayout
TabbedTextOutW
InsertMenuW
EnumChildWindows
ArrangeIconicWindows
EnableMenuItem
SendMessageA
SetRect
DispatchMessageA
GetKeyNameTextW
SetMenu
LoadBitmapW
BringWindowToTop
SendNotifyMessageW
LoadImageW
SwitchToThisWindow

gdi32

CreateFontIndirectW
LineDDA
PathToRegion
ExcludeClipRect
ResizePalette
StartDocW
CreateSolidBrush
GetTextMetricsW
CreatePalette
CreatePatternBrush
CreateCompatibleBitmap
CreateHalftonePalette
SetViewportOrgEx
OffsetViewportOrgEx

kernel32

GetCommandLineW
SetThreadLocale
GetCompressedFileSizeW
LoadLibraryA
UnmapViewOfFile
CreateEventW
GetCurrentThread
FreeLibrary
ResumeThread
HeapLock
GetCommModemStatus
MoveFileExW
DeviceIoControl
GetLastError
GlobalReAlloc
TerminateThread

Exports

Exports

?_EnumDesktopsA@@YGXEH@Z

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

043b2d75bf376663477d0101f9fa5da2

Headers

File Characteristics

PDB Paths

Imports

shlwapi

comctl32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: - Virtual size: 128KB

.rsrc Size: 48KB - Virtual size: 47KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: - Virtual size: 128KB

.rsrc
Size: 48KB - Virtual size: 47KB

.reloc
Size: 1KB - Virtual size: 1KB