606eabd9325130563761cf76e6899b82_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

606eabd9325130563761cf76e6899b82_JaffaCakes118
Size

138KB
MD5

606eabd9325130563761cf76e6899b82
SHA1

9d536d9b8d3abab365bcc3727f0d67670d3a71ee
SHA256

428f82af07b64002d77ea1cd66327c09e8797b795e91bf7998023503e1ab4d38
SHA512

08accc809cad458e059e99822ea07e4ffebdfda50253490e0df9ced67906175ab04102909dd227d3e81084328e80af5159aa26a74be438047e8d400e2c000f13
SSDEEP

3072:z+Sid24gSgt+FUdrfbw+DzxaO77KguxgYEZAOtmyRahhlmgGADmWrl:5hbdrfk+3sO7ugONwAOgkadXry

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
606eabd9325130563761cf76e6899b82_JaffaCakes118

Files

606eabd9325130563761cf76e6899b82_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2c42d4c1806eeb598e71770e1ec7b13f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\unfQmqX\lkGxcs\mAESxxk.pdb

Imports

kernel32

IsBadStringPtrW
DuplicateHandle
FileTimeToDosDateTime
CreateFileA
GetSystemTimeAsFileTime
GetConsoleWindow
GetLastError
GetCommModemStatus
lstrlenW
OutputDebugStringA
VirtualAlloc
GetFullPathNameA
CompareFileTime
SetFileAttributesW

gdi32

PolyBezier
GetFontData
Polyline
RealizePalette
GetSystemPaletteUse
UnrealizeObject
ExtTextOutA
SaveDC

comctl32

ImageList_Draw
CreatePropertySheetPageA

ntdll

_aullrem
_vsnprintf

comdlg32

GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameW

shlwapi

UrlIsNoHistoryW
StrCatChainW
StrIsIntlEqualW

user32

GetActiveWindow
GetMessagePos
SystemParametersInfoA
SetParent
wsprintfW
GetWindowPlacement
wvsprintfW
IsCharAlphaNumericA
GetCursorPos
DestroyWindow
GetWindowRect
CharToOemBuffA
GrayStringW

Exports

Exports

?xSizsduaGqfj@@YGMPAJ@Z
?qmjzzZHy@@YGPAJPANK@Z
?xsxelObjihkYHfanofswyg@@YGPAHPAIPAK@Z

Sections

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 173B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c42d4c1806eeb598e71770e1ec7b13f

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comctl32

ntdll

comdlg32

shlwapi

user32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 512B

.code Size: 33KB - Virtual size: 32KB

.edata Size: 512B - Virtual size: 173B

.data Size: 46KB - Virtual size: 298KB

.rdata Size: 52KB - Virtual size: 52KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 512B - Virtual size: 512B

.code
Size: 33KB - Virtual size: 32KB

.edata
Size: 512B - Virtual size: 173B

.data
Size: 46KB - Virtual size: 298KB

.rdata
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB