4cf5d254024ad78a464298421f758ab8_JaffaCakes118

General

Target

4cf5d254024ad78a464298421f758ab8_JaffaCakes118
Size

152KB
MD5

4cf5d254024ad78a464298421f758ab8
SHA1

0a99ecaa94440fdb03e1c327915ae86231e23f3d
SHA256

30db862a14d53a5d98ad6a12367f66b8d2c98c8fb541e00ba32ae68fd27e76e3
SHA512

ab0ad9123d7e987b3c98358b69fa8bf13319a9b23241c005cc2a58e4e93cb072b86c5d3f145b9ce3ecd1c60f658629c306b7faa88941a6506801c84b90e8435b
SSDEEP

3072:HuNDaroDpt11wzvlfPSSLyFV/btUF+acWD3+mG0SyM:OhNuju5+FVcmGXyM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cf5d254024ad78a464298421f758ab8_JaffaCakes118

Files

4cf5d254024ad78a464298421f758ab8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5002171fd89652f9d63967112d70cd30

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\Ucec\Ejbttlm\HtfgPz.pdb

Imports

comdlg32

PrintDlgExW
FindTextW

gdi32

CreateICW
Rectangle
CombineRgn
IntersectClipRect
SetBitmapBits
GetNearestColor
CreateCompatibleBitmap

shlwapi

StrCatBuffW

kernel32

lstrlenW
EnumResourceTypesA
GetBinaryTypeA
FlushFileBuffers
CreateThread
SetPriorityClass
GetModuleFileNameW
LoadLibraryExW
CreateRemoteThread
GetOEMCP
CreateNamedPipeW
LCMapStringA

user32

GetTopWindow
DefFrameProcW
OffsetRect
CharLowerW
CopyRect
DefDlgProcW
DeferWindowPos
DeleteMenu
wsprintfW
RemovePropW
LoadStringA
HideCaret
UnloadKeyboardLayout
GetMenuDefaultItem

Exports

Exports

?rabldkmteje@@YGPAKD@Z
?pAopEwqsakmwfn@@YGPAED@Z
?DCAecwqbQksNermUusNe@@YGM_NF@Z

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5002171fd89652f9d63967112d70cd30

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.idata Size: 1024B - Virtual size: 966B

.edata Size: 1024B - Virtual size: 1024B

.data Size: 5KB - Virtual size: 249KB

.rsrc Size: 109KB - Virtual size: 109KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 30KB

.idata
Size: 1024B - Virtual size: 966B

.edata
Size: 1024B - Virtual size: 1024B

.data
Size: 5KB - Virtual size: 249KB

.rsrc
Size: 109KB - Virtual size: 109KB

.reloc
Size: 4KB - Virtual size: 4KB