635bfdccf002f785c92933cf85f7e979_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

635bfdccf002f785c92933cf85f7e979_JaffaCakes118
Size

2.5MB
MD5

635bfdccf002f785c92933cf85f7e979
SHA1

fec331ce9cedd62da59a9e6be0ab186454afad07
SHA256

fe849bb79af03df6d283c756eb299b8dedb4ce03b2dccba69b868acec512999d
SHA512

bcce76b6035b1c7769bedbde2d64caf0b235b48b97732152a482847cbcc833d6d60d0ad9f9fdd8ca4cd8f9476156cc83e812e879fa0a5a5d7512f54698fa5d4c
SSDEEP

49152:Or/GJ4z+MMUMNVewEhi3QUA0JM3gGX9y0Q8SfgngFLuh3eDumu+lVb:u+J4VMUMNVewEYNA0JM3VCTfxmeqmu+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
635bfdccf002f785c92933cf85f7e979_JaffaCakes118

Files

635bfdccf002f785c92933cf85f7e979_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7ed3be42008f5a760a80f7dd0bc34c50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadAcceleratorsW
GetMenu
PostMessageA
IsMenu
DestroyMenu
EnumThreadWindows
DialogBoxIndirectParamW
AdjustWindowRectEx
RemoveMenu
IsWindowUnicode
GetWindowRect
GetCursor
FindWindowA

kernel32

GetFileInformationByHandle
CancelIo
lstrcatA
WaitForMultipleObjectsEx
DefineDosDeviceW
GetACP
UnhandledExceptionFilter
CreateMailslotW
GlobalAddAtomW
CreateNamedPipeA
MulDiv
GetModuleHandleA

ntdll

memset

comctl32

PropertySheetA
ImageList_Draw
DestroyPropertySheetPage

shlwapi

PathFindFileNameA
PathBuildRootA

gdi32

CreateCompatibleBitmap
GetDeviceCaps
ScaleViewportExtEx
CreateSolidBrush
CreateRectRgn
DeleteObject
SetPaletteEntries
GetTextFaceW

Exports

Exports

_JzzwZrpu_yYkaitj_xyib@4
_WrGxetiT_twolozga@16
_Qfpsnksh_fvjfPxcHq@12
_QshughUtc_yKlpionj@12
_SmmlVgcrz_hhygmWnSi@12

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmem
Size: - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ed3be42008f5a760a80f7dd0bc34c50

Headers

File Characteristics

Imports

user32

kernel32

ntdll

comctl32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 10KB - Virtual size: 9KB

.vmem Size: - Virtual size: 6.8MB

.data Size: 1KB - Virtual size: 1KB

DATA Size: 2.5MB - Virtual size: 2.5MB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 10KB - Virtual size: 9KB

.vmem
Size: - Virtual size: 6.8MB

.data
Size: 1KB - Virtual size: 1KB

DATA
Size: 2.5MB - Virtual size: 2.5MB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 3KB - Virtual size: 3KB