712198f524ecc6d53f331bd16895ae84_JaffaCakes118

General

Target

712198f524ecc6d53f331bd16895ae84_JaffaCakes118
Size

105KB
MD5

712198f524ecc6d53f331bd16895ae84
SHA1

b9b05293ff89d697b1d5ebd04d0beccffa9875b6
SHA256

4bb32cbfadd59f25357978b8eba4370044dc4ebf0e00b04f39f478dde8ad2a91
SHA512

76e8f13bf633555d061b42923345b74430abc99054dd1c682940c116a876dc13beb3e5a32f97be81251e5d01854cadc2ced051a323737c8320b53941717171bf
SSDEEP

1536:Q5oaJTXYdJqxDFvi8Se4S1KlvUY5TJqlmoQtc9YX2xvbVqSZQof5y:Q5HTo7qxDpi/FS1KqCq8qYGZbVqSZJfk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
712198f524ecc6d53f331bd16895ae84_JaffaCakes118

Files

712198f524ecc6d53f331bd16895ae84_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1785a48574eb28e3c3ebbe6eb360d95c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\SehoeUbt\FHoKJiJny\kRtikuP\ggBtVtbysC.juT

Imports

comdlg32

ReplaceTextW
PrintDlgExW
GetSaveFileNameW
GetOpenFileNameA

gdi32

SetBkMode
AddFontResourceW
SaveDC
SetWindowExtEx
GetPaletteEntries
StartPage
GetTextExtentPointA

user32

CallWindowProcA
LoadImageW
SetTimer
InSendMessage
IsCharAlphaW
GetKeyboardLayout
SetWindowLongW
LoadStringW
DrawIconEx
GetFocus
GetWindowLongA
DrawCaptionTempW
DefWindowProcA

kernel32

TerminateThread
GetThreadContext
FindFirstFileA
AreFileApisANSI
LocalFree
GlobalMemoryStatusEx
VerifyVersionInfoW
LocalAlloc
EnterCriticalSection
GetStringTypeExW
LoadResource
LocalReAlloc
SetErrorMode
AddAtomA

comctl32

ImageList_Destroy
ImageList_Write

Exports

Exports

_PnnYy
VuHksuUn
RhkmpyQpqglOp
_DzmefJfbl
?PsaCstvzriuolsjsrvnbk@@YGIIPAF@Z
TaGgzabBxquua

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1785a48574eb28e3c3ebbe6eb360d95c

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

user32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 10KB - Virtual size: 78KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 71KB - Virtual size: 71KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 10KB - Virtual size: 78KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 71KB - Virtual size: 71KB

.reloc
Size: 2KB - Virtual size: 2KB