93bc2058f0ecd7c54c09f170af5f3190_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93bc2058f0ecd7c54c09f170af5f3190_JaffaCakes118
Size

175KB
MD5

93bc2058f0ecd7c54c09f170af5f3190
SHA1

7e645515a05670e3bb88a56254b6848879c8f8c5
SHA256

abb49ff5be12bfd08a3eac2e720773e29ad927dc5cdf4b1279154263a4f9c83c
SHA512

baa847c2c3b1a0fe1dbca9feab09e2a55d9e15d05060615cb60551df1fac1e64069e9ef32b26ad76e3423d2552f224188869940d51dedebc47eac77bf225fb87
SSDEEP

3072:2qYNgW49Y1CTtJJ26dG6VBPqZChQ1XgDxrXn0hCoP7xH+gjkb1mu15ELjUXCG:2vd4K1+tJJ26I6VBPSCBtX0hBzjkbgIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93bc2058f0ecd7c54c09f170af5f3190_JaffaCakes118

Files

93bc2058f0ecd7c54c09f170af5f3190_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5df53c405e496cbc83df6c5cc4e98904

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\cnsdOejv\CPxSaalv\rrqpvzs.pdb

Imports

gdi32

GetBkMode
Polygon
EndDoc
CreateFontA
CreateDIBSection

kernel32

GetCurrentThreadId
DisconnectNamedPipe
GetFileTime
SetEvent
ExitProcess
InitializeCriticalSection
GetTimeZoneInformation

comdlg32

ReplaceTextW
ChooseColorW
FindTextW
GetOpenFileNameA

user32

GetUserObjectInformationW
OffsetRect
InsertMenuA
MonitorFromRect
GetClassNameW
LoadCursorA
InSendMessageEx
PtInRect
GetCursorPos
GetKeyboardLayout
InflateRect
ArrangeIconicWindows

msvcrt

exit

shlwapi

ChrCmpIA
StrCmpNIA
StrChrIA

Exports

Exports

?ZXT_IK_C_T@@YGPAJPAE@Z
?NTMY_TSGPUJMEMh_x_@@YGXHG@Z
?padjY_JHASHCGRDBZy_ckZ@@YGPAXPAG@Z
?__JYEOEzz_J__PBKU___@@YGG_N@Z
?DGmlsSPQaaje__z__@@YGGD@Z
?I___DWWXRBA_L__ZLG_O@@YGPADPAI@Z
?FBAoxrcAJD@@YGIMPAH@Z
?ni_uvhT_RMBgcaUREMFl@@YGEPAIPAH@Z
?VSWQBTMY_Jn@@YGPAJPAM@Z
?mzfvd_fvFXJobwagpDY_W@@YGGJD@Z
?gvhvgeay_fg@@YGDDPAM@Z
?osoz__espyzuh@@YGGF@Z
?_BV__IGEFTTytnZU_rg_@@YGXPAEG@Z
?KLUF_JDsqAQh@@YGPAMPAKD@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5df53c405e496cbc83df6c5cc4e98904

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

comdlg32

user32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 152KB - Virtual size: 312KB

.edata Size: 1024B - Virtual size: 792B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 152KB - Virtual size: 312KB

.edata
Size: 1024B - Virtual size: 792B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB