a04c634d2e7936d34b7c9ed21f0c1dfe_JaffaCakes118

General

Target

a04c634d2e7936d34b7c9ed21f0c1dfe_JaffaCakes118
Size

110KB
MD5

a04c634d2e7936d34b7c9ed21f0c1dfe
SHA1

cbec0b555f37a1fe37b41cccbb1c116c1c72ac9a
SHA256

90188a110cee66f8b1a4f8773de264dfbdc9ff144ceb9bbedae0d19de5cbe0a0
SHA512

d34ad893aabd5bc052f4e6537182e67914882a0794f1dddcae6b634eb3ab5a2de101b324eee0a959f2f512ab47aee1cf1d4d831b8ab48aafc9d67733cd4f38e9
SSDEEP

3072:lITWJqMFBhR9NNRBMlUbX7sc3/FZ5C3fu:NRF5NRBMlOnFZ5u2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a04c634d2e7936d34b7c9ed21f0c1dfe_JaffaCakes118

Files

a04c634d2e7936d34b7c9ed21f0c1dfe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a68444c6d46d6e3e7237ac958bb0b3b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

CommDlgExtendedError
ChooseColorW
GetOpenFileNameW
PrintDlgW

kernel32

WaitForSingleObject
lstrcmpW
LocalFree
DeleteFileW
GlobalMemoryStatus
LocalAlloc
GetCPInfoExA
FindFirstChangeNotificationW
DeleteFileA
SetEndOfFile
EnumSystemLocalesA
SetUnhandledExceptionFilter

msvcrt

iswascii

gdi32

GetBkMode
CreateFontW
GetTextAlign
MoveToEx
CreateBitmap
EnumFontFamiliesW
CreateCompatibleBitmap
SetWindowExtEx

user32

GetClientRect
GetPropW
GetDlgItemTextA
SetWindowLongW
CallWindowProcA
LoadBitmapW
DeferWindowPos
DestroyWindow
GetForegroundWindow
GetKBCodePage
ReplyMessage
IsCharAlphaW
DrawIcon

Exports

Exports

?JkhbhpsgspHD@@YGKF@Z
Wwkoxsrsk
?RwjeUGwhbtntzlsnLp@@YGMEM@Z
_AzrdyengKqfxgsru
?KxhgBabk@@YGJN@Z
?UyvhgTgl@@YGKDE@Z

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a68444c6d46d6e3e7237ac958bb0b3b7

Headers

File Characteristics

Imports

comdlg32

kernel32

msvcrt

gdi32

user32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 10KB - Virtual size: 74KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 70KB - Virtual size: 70KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 10KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 70KB - Virtual size: 70KB

.reloc
Size: 4KB - Virtual size: 4KB