4054719df69f476b060253be342a1743_JaffaCakes118

General

Target

4054719df69f476b060253be342a1743_JaffaCakes118
Size

158KB
MD5

4054719df69f476b060253be342a1743
SHA1

5de716dd95d4433902d8c8a66563772b3e1f8e12
SHA256

7ef4cd465578c622013beec52ee04f661499b309238080eedd20e82b2c98215a
SHA512

ac5315f267fb9ee20ca907daff9be3a4898e02280b70b98383fc24a02cbf83c4e94b5493e9bf11a5d0c99f28c4254848f5e6d26ba70da79618e355ab42fd1ac5
SSDEEP

3072:chbG0ts4cci7w9zCZX81EvJ2hw4jeyNY3wzNA9PdhO9b:Ilts4cB7w9CZXTvJ2a6PN58hO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4054719df69f476b060253be342a1743_JaffaCakes118

Files

4054719df69f476b060253be342a1743_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3c73bbf9014560f6ac31b8f3cc69e881

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\yjkij\yewSywxk\Uepyeo\Cjme\IvLmmllp.pdb

Imports

user32

CharToOemA
SwitchToThisWindow
CreateIconFromResource
GetClassInfoExA
GetIconInfo
LoadMenuW
OffsetRect
WindowFromPoint
CharLowerBuffW
GetPropW
CreateMenu
IsWindowEnabled

shlwapi

UrlGetPartA
StrToIntW
StrCpyW

kernel32

lstrcpyW
LocalLock
VirtualAlloc
LocalReAlloc
SetCommTimeouts
GetCurrentDirectoryW
lstrcmpiA
GetComputerNameExA
GetFileTime
lstrcmpA

gdi32

MoveToEx
SetDIBits
CombineRgn
GetTextMetricsA
TextOutA
GetObjectW

Exports

Exports

?_l_tbxtPUtma@@YGGDG@Z
?_vgpe_cwnrD_@@YGPAIDF@Z
?wj_xunNJI_M_NOIvtfplqg@@YGHPAI@Z
?_ZDJESYWfa@@YGXPAIE@Z

Sections

.text
Size: 58KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pacdat
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c73bbf9014560f6ac31b8f3cc69e881

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

kernel32

gdi32

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 389KB

.data Size: 36KB - Virtual size: 35KB

.pacdat Size: 20KB - Virtual size: 19KB

.idat Size: 15KB - Virtual size: 15KB

.rdata Size: 19KB - Virtual size: 19KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 58KB - Virtual size: 389KB

.data
Size: 36KB - Virtual size: 35KB

.pacdat
Size: 20KB - Virtual size: 19KB

.idat
Size: 15KB - Virtual size: 15KB

.rdata
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB