637fa3cb9fe77485f26633ece7331089_JaffaCakes118 | Triage

Sharing

General

Target

637fa3cb9fe77485f26633ece7331089_JaffaCakes118
Size

149KB
MD5

637fa3cb9fe77485f26633ece7331089
SHA1

8665e2d527b81d05f237cf6f1d87811475c9fba7
SHA256

27983f96a7fb21a46bb3516d5372c7c143355329fed9d544d548d9f35049a93a
SHA512

478e4f0d97eebdd6073c04d3f12b36d6539bdf9cee27d4b93bf3a033905f9d38eee7616aa993c718782c30625f83639435463980daeb78c90166181cd473ccfa
SSDEEP

3072:S2+Mjavoj8GyXozRMJlEwfBjpe70hpq0zOgHsT6:v0ojG+6Jvnbzhg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
637fa3cb9fe77485f26633ece7331089_JaffaCakes118

Files

637fa3cb9fe77485f26633ece7331089_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1e1a7590ba160fcdf98a03faa5affd87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\ajUG\sbXxxbi\BJWco\vvHN\uaXab.pdb

Imports

gdi32

GetTextMetricsW
EnumFontsW
RestoreDC
OffsetRgn
CreateFontIndirectA
GetClipBox
PtInRegion

user32

GetAsyncKeyState
GetWindowLongA
GetWindowTextW
SetRectEmpty
ModifyMenuW
GetScrollBarInfo
SetCursor
DefWindowProcA
wsprintfA
GetPropA
EndDialog
GetLastActivePopup
RegisterWindowMessageW
MessageBoxW

kernel32

LoadLibraryExA
HeapSize
lstrcatA
ConnectNamedPipe
GetFileSize
SetCommMask
GetStartupInfoA
IsBadReadPtr
MoveFileA
GetSystemDirectoryW
LCMapStringW
UnlockFile
CreateEventA
lstrlenA

Exports

Exports

?UdefGatexCToMcRLBKni@@YGIH@Z
?mAjbtohk@@YGJPAI@Z
?eLAgpATawdmrmeeUusvfrf@@YGPAKH@Z
?pWeibcs@@YGPAHK@Z
?xiHpfstsbefbRDuwN@@YGXPAMM@Z
?otPkUeXzpBcw@@YG_NEPAG@Z

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ