78f2da3f6e66b21080e14af46138d4a2_JaffaCakes118

General

Target

78f2da3f6e66b21080e14af46138d4a2_JaffaCakes118
Size

172KB
MD5

78f2da3f6e66b21080e14af46138d4a2
SHA1

84d216e8c8936d8bf37630dfc0d1d2a6034f66ff
SHA256

c331f0d92be32a187bcd05a660a8079179a1f84ea49304823e518b9d5c90acbb
SHA512

f6736c6de4fe84fb544355f1a245d3b15e13d3a4acbecafe6695171ed78ddd2139432e7a16f26735a5b4bc78812c53b7dd6d8d43989154e0e08f2a78db1601eb
SSDEEP

3072:BpBfjkvrLTMe+0aYUF2jdoWnGec3MSn1y1z5yC9jfA/0qXtoAaqYl0AWAVzfNF:9kZUoRNGpU1z0CxA/JtDl/AVzf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78f2da3f6e66b21080e14af46138d4a2_JaffaCakes118

Files

78f2da3f6e66b21080e14af46138d4a2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

9ddf0815d5339a26d65952bd760d89c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

O:\uVMiuf\tGrM\pnewm\iSPhyZkg\vmtsqta.pdb

Imports

gdi32

GetTextExtentPointW
RectInRegion
CreateBitmapIndirect
SetWindowOrgEx
Polyline
AddFontResourceW

user32

DrawTextA
SetRect
GetKeyboardLayoutList
DeferWindowPos
IsDialogMessageA
MapDialogRect
InflateRect
SetCursorPos
GetSysColor
PtInRect
LoadStringW
GetKeyNameTextW
InvalidateRect
TrackPopupMenu

shlwapi

PathGetArgsA

ntdll

RtlInitUnicodeString

kernel32

OpenFile
GetFileTime
GlobalFree
TlsGetValue
GetSystemTimeAdjustment
ExitProcess
GlobalAlloc
GetThreadPriority
ConvertDefaultLocale

Exports

Exports

?_WW_XNPkzmkEZF@@YGKKPAH@Z
?qb_krho_e_wZl_f_xaDP@@YGPAGE@Z
?KZZKLGtmcno@@YGFPAKPAI@Z
?_gce_MODTYCUPIO_JLHqf@@YGIPAE@
?JIY_WEEMQ@@YGJPADPAH@Z
?gBMHKElol_@@YGXDPAE@Z
?augQaneqx@@YGPAH_N@Z
?AQEK_Zhwmd_OI@@YGMN@Z
?mvqscojVELSpwb_P@@YGNJ@Z
?xjmwv_oufkO_AP@@YGJD@Z
?_Bo_v__LQL__PAJV_gat@@YGXPAH@Z
?TLL___UUoumYOE_a_u_g@@YGID@Z

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ddf0815d5339a26d65952bd760d89c4

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

shlwapi

ntdll

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.idata Size: 1024B - Virtual size: 850B

.data Size: 152KB - Virtual size: 312KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.idata
Size: 1024B - Virtual size: 850B

.data
Size: 152KB - Virtual size: 312KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB