7688b22f15ecc7914575e0d86256f2d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7688b22f15ecc7914575e0d86256f2d2_JaffaCakes118
Size

112KB
MD5

7688b22f15ecc7914575e0d86256f2d2
SHA1

ef103aaca58517fbc505e2570600b8a32a2e2516
SHA256

70c3a93aa851f4c348d2a9249ce0ba76933e9722908389384ee7bcedb5e44f64
SHA512

48b86962630fa0b636c340bbe2debf4f205d00c1d04712c5b324c4d85e282a1be7fab63097480a1baaec8b3835ff0a3d20004050025b06f26b3e49e18a15d7e6
SSDEEP

1536:NXfkw+5RqdRm73nfpp5Y9IMJxzD4W7+6zw1ARJlg29IBahlVulvXAgTPZt96ch:Zsw+5cdRwnD5Y+gc1AhggzSlhdXp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7688b22f15ecc7914575e0d86256f2d2_JaffaCakes118

Files

7688b22f15ecc7914575e0d86256f2d2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

33039e90a417fc6cd098541648ac2b64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\BQTzsYeM\ynWxka\mtGMZiBs\lBdjom\kOMdgY.pdb

Imports

comdlg32

GetSaveFileNameA
ReplaceTextW
CommDlgExtendedError
GetFileTitleW

kernel32

OpenFile
lstrcmpiW
GlobalAddAtomW
FindFirstFileA
GetProcAddress
DeviceIoControl
lstrcpynA
FoldStringW
SizeofResource
TransactNamedPipe
LoadLibraryW
lstrlenW

gdi32

CreatePen
GetTextExtentPointA
SetViewportOrgEx
ExtTextOutA
GetDIBits
StartDocW
UnrealizeObject
MoveToEx
GetCurrentObject

comctl32

DestroyPropertySheetPage
PropertySheetW

user32

MoveWindow
ShowScrollBar
GetMenuItemCount
GetPropW
IsCharUpperA
MonitorFromPoint
CheckMenuRadioItem
wvsprintfW
SetCaretPos
CreateCursor
IsWindow
GetWindowLongW

shlwapi

StrCmpNW

Exports

Exports

?qAjjXChHxoffadynvCyWeF@@YGJG@Z
?yziqmvxHmr@@YGDM@Z
?vjqsCHnpGMe@@YGFH@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33039e90a417fc6cd098541648ac2b64

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

gdi32

comctl32

user32

shlwapi

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 160B

.temp Size: 76KB - Virtual size: 76KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 160B

.temp
Size: 76KB - Virtual size: 76KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB