5f47fba0cbf0631dfdabb9b6998ae5a3_JaffaCakes118

General

Target

5f47fba0cbf0631dfdabb9b6998ae5a3_JaffaCakes118
Size

181KB
MD5

5f47fba0cbf0631dfdabb9b6998ae5a3
SHA1

6c6eb85a7655d0ea89f6e10829359267f8ebe93e
SHA256

05862d0151148283b0479587171ab4fc7239f2db7d729bd009772f6e589eb62f
SHA512

e73132f64838b73b741f2ab8ce6953826ea95073f169ce5fa88f11ccd363f2c3b49fb5a85de7f065670439d129194bdac978625d233faf150cae243a5f66027f
SSDEEP

3072:awozoCY//ko9IOHQP3b0R/kiDS/xcRUaX8z0tCjoPsd42FvOU7WLJ9cr3qH:awdtj9dHQ/b0VJG/xsxMoCjpd4UHeXo3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f47fba0cbf0631dfdabb9b6998ae5a3_JaffaCakes118

Files

5f47fba0cbf0631dfdabb9b6998ae5a3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ab4afd3551ab44c975df972d5878e168

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\gzyuati\PcPbCiA\kiwf.pdb

Imports

gdi32

GetPixel
DPtoLP
SaveDC
SelectPalette
CreateFontIndirectA
LineTo
GetDIBColorTable
DeleteDC

comdlg32

GetFileTitleW
PrintDlgW
ReplaceTextW

user32

RegisterWindowMessageA
CharToOemBuffA
GetWindowLongW
IsDlgButtonChecked
BeginDeferWindowPos
ShowCaret
GetPropA
GetWindow
ShowScrollBar
IsChild
InvertRect
GetDialogBaseUnits

kernel32

SetErrorMode
lstrcmpiW
CompareFileTime
IsDBCSLeadByteEx
GetProcAddress
GlobalHandle
GetComputerNameExA
GetComputerNameExW
lstrcpynA
LoadLibraryW
GetFullPathNameW
CreateSemaphoreW
QueryPerformanceCounter
GetFileTime

comctl32

ImageList_GetIcon
InitCommonControlsEx
ImageList_GetImageCount

Exports

Exports

?llrAhogdj@@YGPA_NE@Z

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 601B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab4afd3551ab44c975df972d5878e168

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

user32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 140KB - Virtual size: 220KB

.edata Size: 1024B - Virtual size: 601B

.crt Size: 14KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 140KB - Virtual size: 220KB

.edata
Size: 1024B - Virtual size: 601B

.crt
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 2KB