5fa35282c7887859fd0bd298bac8911c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5fa35282c7887859fd0bd298bac8911c_JaffaCakes118
Size

176KB
MD5

5fa35282c7887859fd0bd298bac8911c
SHA1

18a1032ffc1209df8ac4f0c1a8fa5047e21ab389
SHA256

49992f5a4e4ed92615f50afef6bba159d76d2d4577dbfaaeaca25163c07e5298
SHA512

a6618a7707fbb535b80254b54faadeafbf2686ade8c504fc249b746d3653e065645572a431b25a9d86d1cb1c8669b3c606e289f8239c20b4201b433546617916
SSDEEP

3072:5CQ/dcqsDoZD1eVsXot6WDy5U9876/+etNZ5c8g3rGZI:WJDoZReVs4cWDyG980hYD3F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fa35282c7887859fd0bd298bac8911c_JaffaCakes118

Files

5fa35282c7887859fd0bd298bac8911c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

581d76c2a9ab2584ed7f085a1fc3a64d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\kFfpxn\vfWicXfP\fxbMfuO.pdb

Imports

comctl32

ImageList_LoadImageW
CreatePropertySheetPageA
ImageList_ReplaceIcon

gdi32

SetDIBColorTable
CreateEllipticRgnIndirect
LineTo
GetMapMode
EndPath
GetTextExtentPoint32A

shlwapi

IntlStrEqWorkerA
PathCommonPrefixW
StrCpyW
PathMakePrettyW
StrCmpNIW

comdlg32

GetSaveFileNameA
GetFileTitleW
ChooseFontW
PageSetupDlgW

kernel32

GetStdHandle
MoveFileA
SetEndOfFile
SetCommMask
SetLocalTime
ReadFile

user32

IsWindowUnicode
ScreenToClient
InsertMenuW
MonitorFromRect
GetParent
IntersectRect
WaitMessage
LoadAcceleratorsW
ShowScrollBar
GetCursorPos
GetAsyncKeyState
CharUpperBuffA
CharLowerBuffW
GetKeyboardLayoutList

Exports

Exports

?xYbuMqrcurqadlnK@@YGPAMN@Z
?kOtzCkam@@YGXPAE@Z
?pqmMjCdWlxa@@YGKEG@Z

Sections

.itext
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 140KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

581d76c2a9ab2584ed7f085a1fc3a64d

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

shlwapi

comdlg32

kernel32

user32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 176B

DATA Size: 140KB - Virtual size: 295KB

CODE Size: 24KB - Virtual size: 24KB

.rdata Size: 512B - Virtual size: 153B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.itext
Size: 512B - Virtual size: 176B

DATA
Size: 140KB - Virtual size: 295KB

CODE
Size: 24KB - Virtual size: 24KB

.rdata
Size: 512B - Virtual size: 153B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB