a3d411e13ed2fe70a11c00d769e7e6cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3d411e13ed2fe70a11c00d769e7e6cd_JaffaCakes118
Size

107KB
MD5

a3d411e13ed2fe70a11c00d769e7e6cd
SHA1

5f84e93fbbc3da789382d651858ca43c0588e9b3
SHA256

700a283cc6970ccab06fd86c360768fc594769110bb8e13fda1f206450531d09
SHA512

61e96b689da842366cf0fdd47061ecd247dad607eb5915c337e11bac2dc111d29566ba55c12a878821e9eb80e96655f492d6a580178ce9e8c4bb340c4d891de5
SSDEEP

1536:l4DqUtl2PgGS8O7DbgyldEbSE4bHvrV7t3UGhS/5Muts1YA1Tp+Nr9ap:iDDl2P9yXbN/JE4bHzVhJI/5oTpH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3d411e13ed2fe70a11c00d769e7e6cd_JaffaCakes118

Files

a3d411e13ed2fe70a11c00d769e7e6cd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b234d0063a0414ecca608674c0bb83d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\mWvq\hutdik\gwte\SqDpBHJj.pdb

Imports

user32

OemToCharBuffA
wsprintfW
CharLowerBuffW
BeginDeferWindowPos
AdjustWindowRect
GetWindowTextA
GetWindowTextLengthA
GetClassInfoW
SetWindowLongW
IsDialogMessageA
IsCharAlphaA
GetCaretPos
GetWindowTextLengthW

kernel32

GetVersionExW
SetCurrentDirectoryW
CreateDirectoryA
GetDateFormatW
LoadLibraryW
LoadLibraryExW
HeapAlloc
GetComputerNameExW
SetErrorMode
lstrcpyW
GlobalCompact
lstrlenW
SetSystemTimeAdjustment
GetOverlappedResult

comctl32

ImageList_Write
CreateStatusWindowW
ImageList_Create
ImageList_GetImageCount

shlwapi

StrIsIntlEqualW
StrCmpNIW
PathIsUNCW

gdi32

CreateFontA
SetPixel
GetTextMetricsA
SetBrushOrgEx
SetLayout
GetSystemPaletteUse
GetTextExtentExPointW

Exports

Exports

?ocqkWmROqjMSosNlzo@@YGFHPAJ@Z
?gMriLpldcaUdHhGgpaff@@YGFGK@Z
?uziMBJeadOeUj@@YGEPAF@Z

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b234d0063a0414ecca608674c0bb83d4

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 174B

.xdata Size: 64KB - Virtual size: 64KB

.data Size: 7KB - Virtual size: 71KB

.pdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 174B

.xdata
Size: 64KB - Virtual size: 64KB

.data
Size: 7KB - Virtual size: 71KB

.pdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 1KB - Virtual size: 1KB