778c79f0c42c4663dbbd34cd795a5d5d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

778c79f0c42c4663dbbd34cd795a5d5d_JaffaCakes118
Size

111KB
MD5

778c79f0c42c4663dbbd34cd795a5d5d
SHA1

b5529c4b5e8eddfcc58f97793f8647b4314ace13
SHA256

06a95965381edf9bc7e005322e63c30e76db8090ca9840e9abb0073dd83b1774
SHA512

5161c4e03a81b5f77427eed7970130658e627b99af4690fb185979f3b7d37f1b1092f0635d160c85800158711cc020f30e3abdc6e2ad4b87e33216bd02208a1c
SSDEEP

3072:P5SJR6ciV4vcTz6V3sxr6PJwiYVvKAI/eBOwjw7Kf:7ZAcP0sxreJq3I/eBW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
778c79f0c42c4663dbbd34cd795a5d5d_JaffaCakes118

Files

778c79f0c42c4663dbbd34cd795a5d5d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

748017864324690a917ce837de522a68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\znmCNt\VbIyoWzj\oXiSnw.pdb

Imports

user32

WaitMessage
PostThreadMessageA
EnumChildWindows
OpenInputDesktop
ShowScrollBar
GetMenuContextHelpId
SetWindowLongW
GetParent
GetPropW
GetScrollPos
TileWindows
SendMessageW
GetWindowLongW
IsCharAlphaNumericA

kernel32

WaitForMultipleObjectsEx
GetProcAddress
WaitForMultipleObjects
OpenSemaphoreW
SetWaitableTimer
FreeResource
LoadLibraryW
GetModuleHandleA
lstrcmpiW
EnumResourceNamesW
lstrlenW
IsBadWritePtr
DeleteFileW
GetModuleFileNameW

shlwapi

StrCmpNW

gdi32

Polygon
SetBitmapDimensionEx
TextOutA
GetSystemPaletteEntries
MoveToEx
CreatePatternBrush
GetTextColor
SetBkMode
EnumFontFamiliesExW

Exports

Exports

?bShJnpz@@YGKK@Z
?zulgtuTmznrylqcAhppxo@@YGPAMPAMPAN@Z
?nrfxscnVRiFpVJ@@YGPANGPAJ@Z
?VthdkzswotxzajPq@@YGEF@Z

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

748017864324690a917ce837de522a68

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 19KB

.idata Size: 1024B - Virtual size: 1012B

.edata Size: 512B - Virtual size: 207B

.temp Size: 74KB - Virtual size: 74KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 19KB

.idata
Size: 1024B - Virtual size: 1012B

.edata
Size: 512B - Virtual size: 207B

.temp
Size: 74KB - Virtual size: 74KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB