a0ba8f101e7a5b463eac9335dd46e965_JaffaCakes118

General

Target

a0ba8f101e7a5b463eac9335dd46e965_JaffaCakes118
Size

2.5MB
MD5

a0ba8f101e7a5b463eac9335dd46e965
SHA1

e9776bdaa68984c0dcf86dd9c7acf1ab7c5c2846
SHA256

dd93134671a0e5e9d01e60628d4a0cad4c61145622f655fb16d04b791424a5e5
SHA512

3abfa232133e7e7a06c33879d5ad5013514b5e5f7dd4186225408ce09d3dbe8d0151fc55be050f424da43a98811face0cfef115d921d4def6c93050cab8ba475
SSDEEP

49152:6x04pU3b8lxvswH6p6Zp1KRvirjwujOPz8NG1:6x04pU3Qap6Zp1KR6Hw6O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0ba8f101e7a5b463eac9335dd46e965_JaffaCakes118

Files

a0ba8f101e7a5b463eac9335dd46e965_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a174f37c81edc71b70f34222b10ceeaa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\WzTWhZrf\oJsimgpca\ygJwWvP\Jjiigrfpqp.Fan

Imports

comctl32

InitCommonControlsEx
ImageList_GetImageCount

user32

CreateDialogParamA
SendMessageTimeoutA
VkKeyScanW
GetDoubleClickTime
ExitWindowsEx
CallWindowProcW
ToUnicodeEx
LoadCursorA
SetCaretPos
FillRect
OffsetRect
EnumWindows

kernel32

SuspendThread
MoveFileExA
GetWindowsDirectoryW
RemoveDirectoryW
lstrcpynW
GetConsoleAliasExesLengthW
IsBadStringPtrW
GetLogicalDrives
lstrcpynA
FindResourceExW
CompareStringW
GlobalSize
ReleaseSemaphore

ole32

CoTaskMemAlloc
CoTaskMemFree

gdi32

OffsetRgn
CreatePenIndirect
GetDIBits
CreateFontIndirectA
GetRgnBox
WidenPath

Exports

Exports

?GwedaWrxg@@YGPAXHPAD@Z
?FnbswoybXxdzt@@YGHMD@Z
?TeTgrctjqwxj@@YGPAXD@Z
?YcsyjjawjargtbqoS@@YGPAEPAGG@Z
?QxnTJmeSmgvgaelJzRpd@@YGXK@Z
?NbszsltxbolbTlcqogkrz@@YGEPA_N@Z

Sections

.itext
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 20.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a174f37c81edc71b70f34222b10ceeaa

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

ole32

gdi32

Exports

Exports

Sections

.itext Size: 17KB - Virtual size: 16KB

.text Size: 5KB - Virtual size: 4KB

.data Size: 6KB - Virtual size: 20.5MB

.rsrc Size: 2.5MB - Virtual size: 2.5MB

.reloc Size: 2KB - Virtual size: 2KB

.itext
Size: 17KB - Virtual size: 16KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 6KB - Virtual size: 20.5MB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

.reloc
Size: 2KB - Virtual size: 2KB