85d563709c4d0eca0308f37fe9236e8c_JaffaCakes118

General

Target

85d563709c4d0eca0308f37fe9236e8c_JaffaCakes118
Size

118KB
MD5

85d563709c4d0eca0308f37fe9236e8c
SHA1

b7c69a6bef095310b0844bbaf5e49c34b73652e7
SHA256

c24fa895a04f1068a8dd9f58d54a04de2fd627f9e7a38f4ed7c7f10049545633
SHA512

fd0ef596fe8ff4b4691c9a2151237d0076b3484bebc19ce2a4221a7eeeee28b9c07b1c2e70de905c0335fbff0182d28d2c9006d9a6d4d4325d98dbf80dcbe72a
SSDEEP

3072:T6VdOjkygw6yDXo9Uyp2qtTtExVYz71ZRuupjpHF:Y8l5Xo9d2qtT/P1v7pjp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d563709c4d0eca0308f37fe9236e8c_JaffaCakes118

Files

85d563709c4d0eca0308f37fe9236e8c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

28d11af19ef52251b82759892dfd7e44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\gyWNWm\XdccT\avufwLfl\saanm.pdb

Imports

user32

HideCaret
SwitchToThisWindow
InflateRect
LoadIconW
SystemParametersInfoW
CreateAcceleratorTableW
GetScrollPos
ShowCursor
DrawIconEx
GetWindow
GetMessageA
SendMessageTimeoutA

comctl32

ImageList_GetImageCount
PropertySheetA
InitCommonControlsEx

kernel32

GetCurrentThread
HeapValidate
FormatMessageW
CloseHandle
GetVersionExA
ResumeThread
GlobalAddAtomW
GetProcAddress
lstrcmpiW
LCMapStringA
GetModuleHandleW
GetNumberFormatA
lstrlenW

gdi32

CreateBitmap
BeginPath
LineTo
SetViewportExtEx
GetTextExtentPoint32A
ScaleViewportExtEx

ntdll

_aullrem

comdlg32

PageSetupDlgW
GetFileTitleW

Exports

Exports

?lmhNqabnIk@@YGPAFFPAI@Z

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28d11af19ef52251b82759892dfd7e44

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

gdi32

ntdll

comdlg32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 26KB

.edata Size: 512B - Virtual size: 92B

.data Size: 77KB - Virtual size: 77KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 27KB - Virtual size: 26KB

.edata
Size: 512B - Virtual size: 92B

.data
Size: 77KB - Virtual size: 77KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB