5e4336e3e26b7e4186f6703fecfb339f_JaffaCakes118

General

Target

5e4336e3e26b7e4186f6703fecfb339f_JaffaCakes118
Size

86KB
MD5

5e4336e3e26b7e4186f6703fecfb339f
SHA1

da393a2a069a5905c19bcf14d10c245395aa8d38
SHA256

7d3bf38079e812be23c1bd7625618545e51ea4862ea90c211cd059033d1b4af1
SHA512

c699e4d59fee231793e76c72abccb11ff41e17b542b6de404a7a39875849497a273c7d7d653dd8327069fffcbceec34a7ba5d71b71b408b5878131906965ebc2
SSDEEP

1536:4DBrgDSxaRtrRsDsKn8ZogiIf/2GdtMTEOWrw0DTnUbTG0OU5LkI4iI+OU:wg+8W8Wun9FOWrlA/G0OU5oXiI+t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e4336e3e26b7e4186f6703fecfb339f_JaffaCakes118

Files

5e4336e3e26b7e4186f6703fecfb339f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9266721d5161402b571f6e188e27c26b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetAtomNameW
ExitThread
VirtualAlloc
GetFileAttributesA
CompareStringW
GetFileAttributesW
GetLastError
GetFileSizeEx
IsBadHugeReadPtr
GetModuleHandleA
LoadLibraryA
SetEndOfFile
VirtualProtect
ExitProcess
GetSystemDirectoryA
VirtualFree

msvcrt

tmpnam
_wsearchenv
_initterm
_isctype
_winver
iscntrl
atol
_ismbcl0
_fpreset
_setmbcp
getenv
_lrotl
fsetpos
memcpy
_strnicoll
iswctype
rand
_osver
is_wctype
fclose
__unguarded_readlc_active
__argc
srand
_wmkdir

user32

GetDlgItemInt
FillRect
SetDlgItemInt
GetNextDlgTabItem
IsClipboardFormatAvailable
LoadIconW

winmm

waveInGetPosition
waveInPrepareHeader
mciDriverYield
WOWAppExit
mmTaskSignal
wid32Message
auxOutMessage
joyGetNumDevs
mciExecute
joy32Message
tid32Message

Exports

Exports

Uforb
ZhbBaakoiOutrjo
NhIkry
JgiMtziRpvqSwnomlLs
YejrYpyogCjtawdNho

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9266721d5161402b571f6e188e27c26b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

winmm

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 40KB - Virtual size: 39KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 512B - Virtual size: 62B