6009cbaf6825ee1958aabbd07546f741_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6009cbaf6825ee1958aabbd07546f741_JaffaCakes118
Size

187KB
MD5

6009cbaf6825ee1958aabbd07546f741
SHA1

c406548066d3f9de2a15ef038b9c585adf014ec3
SHA256

485c593be8cc657b1973475a9badff14095490ee49387878c397f4e693173184
SHA512

8374467a0af99a44ac0b17bc33ebb72fdfa19c330038991cb3b83130c6a9be8734c9ae0b25cb13f073a145479e7f5b188f823df3797fa826df03e8f564b6758e
SSDEEP

3072:OfecHaZlwvCabICwwf95iO6Zbmnxwp0cXCLOJ6NqxRcEZ6Un/2G:OGhIbffjBnGp0cyKJ6N3gnn/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6009cbaf6825ee1958aabbd07546f741_JaffaCakes118

Files

6009cbaf6825ee1958aabbd07546f741_JaffaCakes118
.exe windows:5 windows x86 arch:x86

18cebec00ec4a00466a53e7cc76e9b82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\CBopjr\QuGH\qucVdoC\qsaifhzv.pdb

Imports

ntdll

_aullrem

comctl32

ImageList_GetImageCount
ImageList_GetIcon
CreateToolbarEx
InitCommonControlsEx

gdi32

GetTextColor
SelectObject
GetStockObject
GetDeviceCaps
CreateICW
GetTextFaceW
RectVisible
CreatePatternBrush
EndPath

user32

GetMessagePos
EnumChildWindows
SetWindowRgn
InvertRect
GetWindow
CreateWindowExA
GetMessageW
SystemParametersInfoA
GetParent
IsDialogMessageA
OemToCharBuffA
OffsetRect
PeekMessageA
GetDesktopWindow

kernel32

GetSystemDirectoryW
LoadLibraryA
MoveFileW
SetSystemTime
lstrlenA
SetWaitableTimer
GetLastError
GetLocaleInfoA
lstrlenW
LockFile
SleepEx
OpenSemaphoreW
GetVersion
VerSetConditionMask

shlwapi

StrIsIntlEqualA
PathIsDirectoryW

Exports

Exports

?Nenwblq@@YGMEK@Z
?AqcakvjyHnlfJAU@@YGFPAJPAH@Z
?eerXrijghvzlkWoSkoZujh@@YGXJH@Z
?lDsfnlxq@@YGX_NM@Z

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.new
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18cebec00ec4a00466a53e7cc76e9b82

Headers

File Characteristics

PDB Paths

Imports

ntdll

comctl32

gdi32

user32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 1KB

.new Size: 131KB - Virtual size: 131KB

.data Size: 17KB - Virtual size: 97KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 1KB

.new
Size: 131KB - Virtual size: 131KB

.data
Size: 17KB - Virtual size: 97KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 3KB - Virtual size: 2KB