641e82c74af23c5306460d795ac8aa76_JaffaCakes118

General

Target

641e82c74af23c5306460d795ac8aa76_JaffaCakes118
Size

167KB
MD5

641e82c74af23c5306460d795ac8aa76
SHA1

5487e51a2af06352f49ce21daa07a6fdc994e9cc
SHA256

f968c77272f08986079335acd3dd7d6d4b43eb550e399fb883d83602d6b36c27
SHA512

4f4f0934f22bb7bda5c87339d16c45e2ec2072373fbac430e8d65b77bf54196ecb1a3f556f87f3ec4d3a5dc9854ce20fb448fc58cf6ba7b5f044218beb28d62a
SSDEEP

3072:MIiVJc+nlfsVI0BFdXbbm5Cuzo9/K+aR2X1KYeaSQkFulCtkZ1+svVctGIHbUp46:MblkVIenLbmowo9/KKYYeaSpuBZ1+oiE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
641e82c74af23c5306460d795ac8aa76_JaffaCakes118

Files

641e82c74af23c5306460d795ac8aa76_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c5d803c0f26a74b63e4c52938d92910

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc

gdi32

CreateCompatibleDC
CreateSolidBrush
CreateRectRgnIndirect
ResizePalette
CreateFontW
DeleteColorSpace
PatBlt
SelectPalette
GetColorSpace

comctl32

ImageList_LoadImageW
CreatePropertySheetPageW

shlwapi

StrCpyW
PathGetArgsW
PathGetCharTypeW

user32

GetSystemMetrics
CascadeWindows
GetDC
GetSysColor
GetShellWindow
RegisterWindowMessageA
CharPrevW
ShowStartGlass
TileChildWindows
GetWindowLongA
DefWindowProcW
SetWindowTextA
SetScrollRange

kernel32

ClearCommBreak
lstrlenW
SetHandleInformation
LoadLibraryExW
FreeResource
GetTapeStatus
GetFileAttributesExA
FindResourceExA
GetACP
FindResourceA
lstrcmpiW
IsValidCodePage
GetSystemWindowsDirectoryW
FlushViewOfFile
GetAtomNameA

Exports

Exports

_BbiycvpEn_mtibjf
?_Yuyrcavn_qhdzdsrn@@YGPADE@Z
_Ktopzxan_qPUwiYxbb
?_Lnnlfkc_xhiinfk_mglgY@@YGPANEH@Z
_FlowfpctP_uqWbo
?_VwbksIjm_gkiqxazq_jkf@@YGKM@Z

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c5d803c0f26a74b63e4c52938d92910

Headers

File Characteristics

Imports

ole32

gdi32

comctl32

shlwapi

user32

kernel32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.itext Size: 17KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 212KB

.rsrc Size: 133KB - Virtual size: 133KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 4KB

.itext
Size: 17KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 212KB

.rsrc
Size: 133KB - Virtual size: 133KB

.reloc
Size: 4KB - Virtual size: 4KB