44d11b7fb3d166bc28ed34d29f101752_JaffaCakes118

General

Target

44d11b7fb3d166bc28ed34d29f101752_JaffaCakes118
Size

71KB
MD5

44d11b7fb3d166bc28ed34d29f101752
SHA1

a260b9cade4dda7a197e83d2e192de6e0dd1f4b0
SHA256

d41630f590f3c38a5a59ba2f5f384c80ec5d4c696c6f9410658e6fb2f6c77068
SHA512

5c94335f6e0460c71e454b2add26d3aa6e05620eb924f753d84b35a0dccd02da8b277861161d3ef0e2eb01c839b1302108d3d7dc1fd7f81c479c31857d2f2c19
SSDEEP

1536:EjJqmv5E7Sv5zNgoOvOg5xuq//AmJQF49+7wYjpSH:6qmv5E7S5Jih5oq//pSppY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44d11b7fb3d166bc28ed34d29f101752_JaffaCakes118

Files

44d11b7fb3d166bc28ed34d29f101752_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b0f9890b60dc57c9094fd41271c330e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TileWindows
GetWindowRect
SetRectEmpty
GetMenu
DestroyMenu
SetTimer
FindWindowW
mouse_event
MonitorFromRect
EnableMenuItem
GetCaretBlinkTime
GetMessageTime
AdjustWindowRect

shlwapi

PathFindFileNameW
PathBuildRootW
StrCatW

comdlg32

ReplaceTextW
GetSaveFileNameW
ChooseColorW

gdi32

CreateRectRgn
GetMapMode
CreateBrushIndirect
DeleteObject
TextOutW
PolyBezier
CreateBitmap
PatBlt
EndPath

kernel32

GetModuleHandleW
GetOEMCP
ReleaseSemaphore
GetSystemTimeAsFileTime
OpenSemaphoreW
SetMailslotInfo
GetSystemWindowsDirectoryW
SetConsoleCP
ResetEvent
GetCommTimeouts
GetDateFormatA
GetExitCodeProcess
SetErrorMode
OpenFileMappingA
GetModuleHandleA
LoadLibraryA

Exports

Exports

_Xjxwhvcu_fzjmdiO_r@8
_SfxnJdge_nlqzpmtu_Pobz@12
_CueFGzeu_iqFgkwbi_sfP@4
_Kwqspsjef_lclhuzja@12
_Kehbyxnz_dyjxdfv@4
_Vndltdwod_nfjPvxqo@8
_Fkmufvvu_Cboxkuofb_dc@4

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0f9890b60dc57c9094fd41271c330e7

Headers

File Characteristics

Imports

user32

shlwapi

comdlg32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 17KB - Virtual size: 89KB

.data Size: 6KB - Virtual size: 5KB

DATA Size: 24KB - Virtual size: 24KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 17KB - Virtual size: 89KB

.data
Size: 6KB - Virtual size: 5KB

DATA
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 4KB - Virtual size: 3KB