4294d20b6d91809083ce0d0078fbf64e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4294d20b6d91809083ce0d0078fbf64e_JaffaCakes118
Size

178KB
MD5

4294d20b6d91809083ce0d0078fbf64e
SHA1

b301c886e8694a5ae89effb647d55eb97e82195a
SHA256

26fbec50e48e03236d8c245ec79a45294f66be8f5dc9df260e62c971b4dcda2c
SHA512

f6418310d1d298958e21a915bef119abb2ec6fc060763ea97c23c1ee4d2c11fd3a61238bb8f52be8e40b9cff5ebc0bbb0b265bb7b1e338f4463cbe1224d570e1
SSDEEP

3072:YtdGR1ZslTYu0U6NjKEL5sYdD1fKN27NqWrxvvLWq7ISfhO4cqLj+9HU96PDL:YtYtNjKmndK2Bq6vTjRhdLidD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4294d20b6d91809083ce0d0078fbf64e_JaffaCakes118

Files

4294d20b6d91809083ce0d0078fbf64e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3b56a228e49010432efca090bf1a92c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\jwix\lfppyods\powmenXh\zxylI.pdb

Imports

gdi32

SetViewportExtEx
EnumFontFamiliesW
SelectPalette
GetTextExtentPoint32A
GetStockObject
LPtoDP

kernel32

CreateFileW
GetConsoleWindow
GetThreadPriority
FindResourceExA
ExitProcess
FindFirstChangeNotificationW
CloseHandle
lstrcmpiW
GlobalReAlloc

user32

DestroyMenu
GetTopWindow
RegisterWindowMessageA
BeginPaint
PostThreadMessageA
MonitorFromPoint
EnumChildWindows
InsertMenuItemW
CharUpperA
OemToCharA
PtInRect
WaitMessage
DefWindowProcW
DispatchMessageW

shlwapi

ChrCmpIA
StrChrIA

msvcrt

exit

Exports

Exports

?__rskvu_GZ_PHC@@YGFPAKPAF@Z
?u_sysyllAWFfz_@@YGPAMEPAF@Z
?LHHFMMDC@@YGDPAKPAI@Z
?Wofca___@@YGD_NJ@Z
?jglv_X_M_@@YGGPAJF@Z
?PAWL_WFAQN@@YGGPAN@Z
?PW_LNNmuT@@YGXPAKPAN@Z
?_fhnXDV_@@YGPAXF@Z
?P_KUDd_wr_cfYQJ_H@@YGDPAGPA_N@Z
?bE_klebtnwepk_GPWM@@YGPADPAND@Z
?ns_r_g__b@@YGXM@Z
?nofvj_TMFCoc_aq@@YGMPAMJ@Z
?MTSZK_YMKt@@YGPAFPAGM@Z
?jPTSLXOQZ_@@YGJK@Z
?xotr_dfg_wlpgeT@@YGIPAFPAK@Z
?_IWS_S_ZSAMSNC_XM@@YGIN@Z
?XCNPTYEHNKIz___zk_lm_@@YGJPAI@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 870B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3b56a228e49010432efca090bf1a92c2

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.idata Size: 1024B - Virtual size: 870B

.data Size: 151KB - Virtual size: 310KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 1KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 11KB

.idata
Size: 1024B - Virtual size: 870B

.data
Size: 151KB - Virtual size: 310KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 1KB - Virtual size: 29KB