8c77d3b889c963926b3ab447f0879460_JaffaCakes118

General

Target

8c77d3b889c963926b3ab447f0879460_JaffaCakes118
Size

110KB
MD5

8c77d3b889c963926b3ab447f0879460
SHA1

98f9d30e6fa3c152e8b6e2183f1a34e9adc190d1
SHA256

42693de952a3009efe7ac10a23b07c6530f814f3fcb349360625b9d3cf5e7eb6
SHA512

705db28cb7404deed08f061679b94133e0999da0ee612b28cf58bde52db73eb45065a45b92c5ca855ea4ed05b8cb454facadcef37c9b10fe33a93be40571bf97
SSDEEP

1536:8hiBZKkHmlM3rOCeMz1UfY63GYtlWGZvoLFUKtcd96fRpB1eCsFRi9EFYa6OS64:fQkG38z1S3flV0csBWviq/2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c77d3b889c963926b3ab447f0879460_JaffaCakes118

Files

8c77d3b889c963926b3ab447f0879460_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f19d1eb0e781fec3e69630c688e7931e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\sllAva\lyeBc\xhzOuk.pdb

Imports

comctl32

ImageList_Draw
ImageList_ReplaceIcon

kernel32

SleepEx
LCMapStringA
ResumeThread
GetSystemWindowsDirectoryW
SetThreadContext
EnumResourceNamesW
GetProcAddress
LoadLibraryW
GlobalSize
GetCommConfig
lstrcmpiW
CopyFileW
EnumSystemLocalesA
CreateNamedPipeW

gdi32

CreateBrushIndirect
UnrealizeObject
GetTextCharsetInfo
AddFontResourceW
PtInRegion
CreatePenIndirect
GetTextExtentPointW
ResizePalette

user32

GetWindow
GetClassInfoExW
GetMonitorInfoW
GetDlgItemTextA
GetPropA
GetWindowLongW
DrawStateW
CreateCursor
EnableScrollBar
GetMenuItemRect
IsDialogMessageW
GetWindowDC
ShowScrollBar

Exports

Exports

?teiejHlhAYifAcdTzpcRrL@@YGPAXM@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f19d1eb0e781fec3e69630c688e7931e

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 72KB - Virtual size: 80KB

.edata Size: 512B - Virtual size: 101B

.crt Size: 14KB - Virtual size: 13KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 72KB - Virtual size: 80KB

.edata
Size: 512B - Virtual size: 101B

.crt
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB