8d6f7f3c6756d28db80d1f98d8037ed5_JaffaCakes118

General

Target

8d6f7f3c6756d28db80d1f98d8037ed5_JaffaCakes118
Size

184KB
MD5

8d6f7f3c6756d28db80d1f98d8037ed5
SHA1

10c95eed98dcfa1ba5c72b7ebef18be2eb5c9ea6
SHA256

092dba5309509057cebaea3cc05c13d0d7f8126e279ab164eb5464c614a7e569
SHA512

0153421d475eb36f07d63b764f618186a50140a9bbf28c0a8b28629ccae88c00830784b8bf428650d6252b9f513e0ba360b4a6e1e5f7eafb7bb76c0e3fd5c994
SSDEEP

3072:U+7DyS7J92A5SpCzvP8TonTVubpUi+zCC1BeWiwIpM0S3WLWUWoD90:U+H7L2A8cLP88TGpUJRXg/qGLWUZ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d6f7f3c6756d28db80d1f98d8037ed5_JaffaCakes118

Files

8d6f7f3c6756d28db80d1f98d8037ed5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7a3e1ea59670818724de3bad01e33dd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\vJxpBfjt\dVXumSAm\sTCqIa\Qydsw\rKibtH.pdb

Imports

kernel32

lstrcpyW
GetAtomNameA
lstrlenW
lstrcmpiA
SetThreadExecutionState
DeleteFileA
ReadFile
LocalAlloc
lstrcpynW
GetModuleHandleW
GetProcAddress
SetCommTimeouts
SetCommMask

comctl32

CreatePropertySheetPageW
InitCommonControlsEx
ImageList_GetIconSize
ImageList_GetIcon

gdi32

GetDIBColorTable
CreateRectRgn
RectVisible
CreatePatternBrush
GetPixel
Polygon
GetMapMode
SetLayout

user32

InSendMessageEx
TileWindows
LoadIconW
PeekMessageA
OemToCharBuffA
GetMenuCheckMarkDimensions
DialogBoxIndirectParamW
DefFrameProcA
GetWindow
GetDC
TranslateAcceleratorW
GetScrollPos
DestroyMenu

ntdll

_aullrem

Exports

Exports

?dflGrlszmtH@@YGNJ@Z
?gfMbJCW@@YGGPAFPAI@Z

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a3e1ea59670818724de3bad01e33dd2

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

gdi32

user32

ntdll

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 141KB - Virtual size: 201KB

.edata Size: 512B - Virtual size: 120B

.crt Size: 5KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 141KB - Virtual size: 201KB

.edata
Size: 512B - Virtual size: 120B

.crt
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB