477024efe7ab320ac7a653a39a512763_JaffaCakes118 | Triage

Sharing

General

Target

477024efe7ab320ac7a653a39a512763_JaffaCakes118
Size

182KB
MD5

477024efe7ab320ac7a653a39a512763
SHA1

1409accbd623a48b2f7dac18baab510f7b68c7be
SHA256

5aaa323586ef69124a76cf419a45ae7b1683b2e6cdb4272568bcd62c42d5127b
SHA512

af1e6d43861a0594045e41da3c4437168cb76b7b9f725ca92775b9d7b4e2c7c2554c7a9666b8f9879db1b2ff6b59b7ea8083aa5b578ea211ece25b234d23673b
SSDEEP

3072:x09QZGOG5J92AWlwQIIIowb62jKexusUWQxXNd6KEjrY42AoiY:x09QZGOG5L2AW2IIHF9Qx6jrYPi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
477024efe7ab320ac7a653a39a512763_JaffaCakes118

Files

477024efe7ab320ac7a653a39a512763_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e49e9e964564b123007dd249793a8e64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\PfocinWG\ykJlKW\RrysVz\fjjC.pdb

Imports

comdlg32

FindTextW
GetOpenFileNameW
PrintDlgExW

gdi32

CreateBitmap
DeleteDC
CreateBrushIndirect
SetTextColor
CreateRectRgn
RectVisible
GetTextFaceW
CreatePolygonRgn

ntdll

_aullrem

user32

SetWindowRgn
GetScrollPos
LoadIconW
WaitForInputIdle
CascadeWindows
GetClientRect
LoadCursorA
GetKeyboardType
DrawIcon
GetCaretPos
GetWindow
CheckMenuItem
GetMenuItemCount

kernel32

GetModuleHandleW
InitializeCriticalSection
GetProcAddress
HeapValidate
GetTempPathW
ClearCommBreak
GetComputerNameW
lstrcmpiA
lstrlenW
ExitThread
GetBinaryTypeA
SetEvent

Exports

Exports

?yfDFEqgfim@@YGKE@Z
?msPvhsbvei@@YGDD@Z

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ