70e54006c38d1ddec69d13656ca3ba70_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70e54006c38d1ddec69d13656ca3ba70_JaffaCakes118
Size

111KB
MD5

70e54006c38d1ddec69d13656ca3ba70
SHA1

c3bdd7794cc1c0f272e85f6667751eaa9ecdecad
SHA256

4e6701371dfe08a59e58c421db4f03976f92e7292f1cb882f0db2016c2deabdd
SHA512

121b4c7241780059a952ae9db368bd693d75f170ea946177646eb31d12a81701a104f1e2454ccb83e57f7ca212c7dcabce093cc3730fb0e07d7c782d86f36ed2
SSDEEP

3072:bPtjGOb3wowJrIwrzRJzjj+luCs+gy9GYSG10t:blZvwFJzRZjR+g6G9U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70e54006c38d1ddec69d13656ca3ba70_JaffaCakes118

Files

70e54006c38d1ddec69d13656ca3ba70_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fda6fcadd455f287611f89e7dbbf45d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\TeZjqk\fTnk\zsDunm\toikZ.pdb

Imports

kernel32

lstrcmpiW
GlobalMemoryStatus
GetProcAddress
ClearCommBreak
GetStartupInfoA
RegisterWaitForSingleObject
OpenEventA
LoadLibraryW
GetStartupInfoW
lstrlenW
GlobalSize

gdi32

StartDocW
GetTextFaceW
CreateBitmap
DeleteDC
Polygon
CreateCompatibleDC
SetPixel
GetROP2

shlwapi

StrCmpNW

user32

GetWindowLongW
LoadMenuA
ShowScrollBar
GetPropW
CharPrevW
GetDlgItemTextW
TranslateAcceleratorA
SetDlgItemInt
DialogBoxIndirectParamW
IsDlgButtonChecked
DefFrameProcA
IsCharUpperA

Exports

Exports

?wjbgMNywMfE@@YGGPAGPAE@Z
?WmDbjqwvSasisqAfqupumg@@YGXPAM@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 137B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fda6fcadd455f287611f89e7dbbf45d1

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

shlwapi

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.idata Size: 1024B - Virtual size: 844B

.edata Size: 512B - Virtual size: 137B

.temp Size: 76KB - Virtual size: 76KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.idata
Size: 1024B - Virtual size: 844B

.edata
Size: 512B - Virtual size: 137B

.temp
Size: 76KB - Virtual size: 76KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB