647c65246f61ea4b976addd105beabb7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

647c65246f61ea4b976addd105beabb7_JaffaCakes118
Size

124KB
MD5

647c65246f61ea4b976addd105beabb7
SHA1

2cec0f6d2b4c9126b13b07a66b39505e70bd3dfb
SHA256

6775d97a4020191ba013b0a2c7db3f08c6a75000086b84ce75375887117855af
SHA512

86b252eb70a2bdfc256d7fb3175f0ecdfef58347791b4b82f96d4997b71040f1239aba88245c8cc490b4e01195b2198ead5e5ead3d37675c3f049be7d5057574
SSDEEP

3072:6cZC9vrM7EurtJjWbbsGi7sdGkgylRfHsZMcI7xhnex62AiYR:fIvPGPjWfseiyrs+V7xokRbR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
647c65246f61ea4b976addd105beabb7_JaffaCakes118

Files

647c65246f61ea4b976addd105beabb7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3654e2bb74b365cf31e538e4d2e2f812

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\iPwda\yoolaDno\myKxhuzb\sqftl.pdb

Imports

user32

GetParent
IsCharUpperA
SetParent
CreatePopupMenu
TileWindows
FindWindowA
wvsprintfW
SetWindowTextA
wsprintfA
GetWindowDC
wsprintfW
SetWindowTextW
GetClassLongW

gdi32

CreatePatternBrush
EnumFontsW
SetBkMode
GetTextExtentPoint32W
SetRectRgn
CreateBitmapIndirect
CreateICW
CombineRgn
GetStockObject

kernel32

lstrcmpiA
lstrcatA
EnterCriticalSection
IsValidLocale
GetTickCount
GetFileAttributesW
SetupComm
VirtualQuery
IsDBCSLeadByteEx
LoadLibraryA
GetModuleFileNameW
UnlockFile
MapViewOfFile
SetNamedPipeHandleState

Exports

Exports

?EJdleLxzOoOd@@YGXDE@Z
?rGsyihtyjDcafeqscoa@@YGPAGH@Z
?KysfQsxdKXsltFtlhpv@@YGPAXH@Z

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3654e2bb74b365cf31e538e4d2e2f812

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.edata Size: 1024B - Virtual size: 684B

.data Size: 5KB - Virtual size: 269KB

.pdata Size: 9KB - Virtual size: 9KB

.xdata Size: 89KB - Virtual size: 89KB

.idata Size: 1024B - Virtual size: 894B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 12KB

.edata
Size: 1024B - Virtual size: 684B

.data
Size: 5KB - Virtual size: 269KB

.pdata
Size: 9KB - Virtual size: 9KB

.xdata
Size: 89KB - Virtual size: 89KB

.idata
Size: 1024B - Virtual size: 894B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB