a55f01431957031ebfdbe4c443103e32_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a55f01431957031ebfdbe4c443103e32_JaffaCakes118
Size

183KB
MD5

a55f01431957031ebfdbe4c443103e32
SHA1

ec121b8577da7623aab35faca6deff51c11dfaa5
SHA256

e3516edf3608d45a11f221aa0f8f8eacd7c7fa7c83cc7c6278c79e7609229c76
SHA512

16a6c6c174b8dcf80192aeef6dca7ff4925b56fd764094e8351018277103b9dfc164967946561e6a2d2828443fdbe4652ab1d82e4c0a45563cdc8b792b6c968b
SSDEEP

3072:UkO/0mqbDQ8BfaY7GLNdwIdXetEfGuLWrpiYoYO4VQM+IxzmIjn8e/Hc2UaES:UT/3gDQ8paYiL7NfJWFiYZOk3LqI4a8O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a55f01431957031ebfdbe4c443103e32_JaffaCakes118

Files

a55f01431957031ebfdbe4c443103e32_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f3dfbf3503934a4b78249be5e476713f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\xziph\zFan\eszEisn\uXus.pdb

Imports

kernel32

GetLocaleInfoW
OpenFile
IsBadHugeReadPtr
DeleteCriticalSection
HeapCreate
GetTickCount
GetProcAddress
GetCurrentThreadId
IsBadCodePtr
GetModuleHandleW
lstrcpynA
VerSetConditionMask

comdlg32

CommDlgExtendedError
ChooseFontW
GetFileTitleW

shlwapi

PathFindFileNameW

comctl32

ImageList_Create
ImageList_GetImageCount
DestroyPropertySheetPage
InitCommonControlsEx

user32

DefWindowProcA
CreateMenu
GetUserObjectInformationW
GetKeyboardType
SetWindowTextW
AdjustWindowRectEx
DestroyCaret
GetTopWindow
GetWindowTextW
ScreenToClient
SetCaretPos
TileWindows

gdi32

CreateRectRgn
CreateRoundRectRgn
StretchDIBits
SetViewportExtEx
GetTextExtentPointW
RealizePalette
OffsetViewportOrgEx

Exports

Exports

?axOWmzJaJ@@YGIGH@Z
?zjzgdxnZfkSlkgx@@YGPAEGG@Z
?gbnpaVdspvqlIrb@@YGJJ@Z
?miEwCvnDqpFcHmHsp@@YGJEE@Z
?sxTmKtQslUZ@@YGKKK@Z

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 354B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3dfbf3503934a4b78249be5e476713f

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

shlwapi

comctl32

user32

gdi32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 512B - Virtual size: 354B

.data Size: 2KB - Virtual size: 282KB

DATA Size: 3KB - Virtual size: 3KB

.rsrc Size: 137KB - Virtual size: 137KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 512B - Virtual size: 354B

.data
Size: 2KB - Virtual size: 282KB

DATA
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 137KB - Virtual size: 137KB

.reloc
Size: 3KB - Virtual size: 3KB