8c2e9e818a22669fe9a64864960418c4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c2e9e818a22669fe9a64864960418c4_JaffaCakes118
Size

180KB
MD5

8c2e9e818a22669fe9a64864960418c4
SHA1

4b5275e9b324618bf297a92ed041269d35c544b7
SHA256

feb7b67163c1b05979403c7f5b75d93b6470190ecf6cf060c12fcb793705b2f8
SHA512

7e3202857b80cffe7a5cc228c604dcdcdf158693fdfd9cb55bebfba95a315252715d6785dac66fc6c6384441c6367d8bb31334f245f611fdd0052e017cd967f2
SSDEEP

3072:y15COl+mUDmIUnaQ3zkkygw6yDnHCmZS7a2MNg8wGaaYUf76Gc2TxgpuNAEL6Onp:OUOl+mUtUnk5nPZ2ib7vxfNAEgF0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c2e9e818a22669fe9a64864960418c4_JaffaCakes118

Files

8c2e9e818a22669fe9a64864960418c4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c4977957439904e5b752426104f2360

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\wkqnCule\xqtPar\rTsP\kFwxRJsi\mHnkjfZ.pdb

Imports

user32

BeginDeferWindowPos
EnumChildWindows
DestroyCursor
EnableScrollBar
DefFrameProcA
DestroyMenu
GetScrollPos
GetWindow
SetScrollInfo
LoadIconW
GetWindowLongA
GetKeyboardLayoutNameW

comctl32

ImageList_Read
ImageList_GetImageCount

gdi32

CreateFontA
SetROP2
SaveDC
ExcludeClipRect
FillRgn
CreateCompatibleBitmap

comdlg32

PrintDlgExW
GetOpenFileNameW
GetSaveFileNameA
CommDlgExtendedError

kernel32

GetProcAddress
FindResourceW
lstrlenW
lstrcmpiW
TryEnterCriticalSection
SetThreadLocale
GetStringTypeExW
GetModuleHandleA
GetSystemTimeAdjustment
lstrcatA
GetModuleHandleW
GetFileAttributesW

ntdll

_aullrem

Exports

Exports

?vuPKeCrTdvvyGbavzFpxyK@@YGDPAD@Z
?tbqJSgcXlJjNukDmvyqkdM@@YGIJPAG@Z

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c4977957439904e5b752426104f2360

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

comdlg32

kernel32

ntdll

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.edata Size: 512B - Virtual size: 146B

.data Size: 140KB - Virtual size: 208KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 26KB - Virtual size: 25KB

.edata
Size: 512B - Virtual size: 146B

.data
Size: 140KB - Virtual size: 208KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB