95e0e0eed92bbeb95dcee187bb12e908_JaffaCakes118

General

Target

95e0e0eed92bbeb95dcee187bb12e908_JaffaCakes118
Size

141KB
MD5

95e0e0eed92bbeb95dcee187bb12e908
SHA1

56d30a51eeaf4919a9fd973fb95929846dac3bd8
SHA256

319781bc6e7fa6534dbd531618247d8640de44d586974491e61daba7e241d977
SHA512

681282579709f2121f1acc2fa27563f85c1dc3cc739fd71d32492e1b8013f45d2899f7cacfe63459aa5b191754244fa7600a1bffc2c140b2175e8453d0bb0889
SSDEEP

3072:+d7xoTvuD0l0hp04ViB8AfC+NptVbDO4xq0PYqpXP0FFFFFFFFFFFFFFXFFFFFFi:+d7gvab06s8P+PtVu4k0wqp/h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95e0e0eed92bbeb95dcee187bb12e908_JaffaCakes118

Files

95e0e0eed92bbeb95dcee187bb12e908_JaffaCakes118
.exe windows:5 windows x86 arch:x86

320fc2b337a753650792044ef0e7ef5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\zpke\zvmd\bbiykk\ixrZhpm\iRbKbx.pdb

Imports

user32

SetForegroundWindow
SetUserObjectInformationW
AdjustWindowRect
GetClipboardOwner
ShowWindowAsync
ChildWindowFromPointEx
LoadImageW
SetCursor
WaitMessage
mouse_event
SetFocus
SetCursorPos

gdi32

EndPage
GetPaletteEntries
CreateCompatibleDC
GetTextAlign
CreatePolygonRgn
CreateCompatibleBitmap

kernel32

GetCurrentThreadId
SetCommBreak
HeapReAlloc
FindClose
ExitThread
GetTickCount
GlobalGetAtomNameW
ExitProcess
GetCurrentProcessId
GetWindowsDirectoryA
LoadLibraryExW
GetAtomNameA

shlwapi

PathCanonicalizeW
StrToInt64ExW

Exports

Exports

?XS__EDAbtw@@YGEF@Z
?_gzyroepWB@@YGHD@Z
?jf_ACXHFl@@YGPAGE@Z
?tegdy_du_Vct_m__a@@YGPAK_NPAJ@Z
?_cpxaauxiit@@YGFN_N@Z
?_B_INI_iVVBRk_xxinwda_@@YGHJ@Z
?f_zycxh_TIqkvhp@@YGFF@Z

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

320fc2b337a753650792044ef0e7ef5d

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 44KB - Virtual size: 199KB

.rdata Size: 25KB - Virtual size: 25KB

.pdata Size: 14KB - Virtual size: 13KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 44KB - Virtual size: 199KB

.rdata
Size: 25KB - Virtual size: 25KB

.pdata
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB