9683700f224da2f6d59ddce6d113f08f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9683700f224da2f6d59ddce6d113f08f_JaffaCakes118
Size

171KB
MD5

9683700f224da2f6d59ddce6d113f08f
SHA1

a3104c39b6facf6f81eca748d2746dbb7651cb35
SHA256

896a82ef42794aa6c998fc2f3bba943560eebc7d0dcf48ee650d74dc2edc79d1
SHA512

5037ef340b843a149c302ec193f22a8d6bb9c28367fc53b83c527e71feede6a19e7f1abf5aa6ffca490d65b2bd584f2c89cfc31250427dde3629690b37a1d24b
SSDEEP

3072:DdGlB+XoNU5KavSW9xxSnQ+pCh9Zgjv4R9EDowAwMTIlTxmlmM:JEB+Xoy5KavT9/S1py9Zgz4fEDoxIxQs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9683700f224da2f6d59ddce6d113f08f_JaffaCakes118

Files

9683700f224da2f6d59ddce6d113f08f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6c3ffc81327105f313b3227eb7c6b21a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\vtZywaaxpnj\nzqyxvRTzjj\ushvuhRFdqijSh.pdb

Imports

kernel32

SetThreadAffinityMask
HeapCreate
CreateDirectoryW
GetNumberFormatW
GetSystemTimeAdjustment
OpenFileMappingW
GetUserDefaultLCID
FlushViewOfFile
lstrcmpA
GetModuleFileNameW
ExitThread
EnumResourceNamesW
TryEnterCriticalSection
GetUserDefaultLangID
RaiseException
SetThreadExecutionState
GetSystemDirectoryA
SetFileAttributesW
CreateEventW
TlsSetValue
GetCommandLineA
WaitCommEvent
SetCommBreak
GlobalAddAtomA
OpenFileMappingA
GetModuleHandleExW
FlushFileBuffers
TlsFree
DeleteFileW
SetCommState
CreateNamedPipeW
GetCommState
GlobalAddAtomW

comdlg32

FindTextW
ChooseFontW
CommDlgExtendedError
ChooseColorW

comctl32

ImageList_GetImageCount
CreateToolbarEx
CreatePropertySheetPageA
ImageList_Create
ImageList_AddMasked
ImageList_Write

user32

wvsprintfW
LoadMenuA
CreateDialogIndirectParamW
LoadStringW
GetScrollInfo
SendDlgItemMessageW
ActivateKeyboardLayout
ShowCursor
MessageBoxA
CreateIconFromResource
ShowCaret
SendNotifyMessageW
GetMenuItemRect
CharToOemA
CheckMenuItem
TranslateAcceleratorA
RegisterClassA
SetDlgItemInt
InvertRect
ShowScrollBar
CharToOemBuffA
OffsetRect
GetWindowLongW
FillRect
PostThreadMessageA
LoadCursorA
OemToCharA
MonitorFromRect
BringWindowToTop
ChangeMenuW
GetSubMenu
LoadIconW

Exports

Exports

?FindSizeOld@@YGMPADJPAEF<V

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c3ffc81327105f313b3227eb7c6b21a

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

comctl32

user32

Exports

Exports

Sections

.text Size: 146KB - Virtual size: 145KB

.data Size: 22KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 146KB - Virtual size: 145KB

.data
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB