acccd5bf60d1a1115b4eac9ae933c5b7_JaffaCakes118

General

Target

acccd5bf60d1a1115b4eac9ae933c5b7_JaffaCakes118
Size

184KB
MD5

acccd5bf60d1a1115b4eac9ae933c5b7
SHA1

6f19f8cfbd6be770f65154c267a8fafe73854aba
SHA256

0724007075761cd084ec36e9d88eb2448ce78461c796a5faa301b1e04b5ffa66
SHA512

c99e47f7650d840dd9962e5cd6968ac67d3cb14fbbd010d69d4d5d307ac9c48e1f5ac7255a5358414be0adee6de11d281b94fa85c31405b38fe1fc0b5151550a
SSDEEP

3072:XZUfDiFaFBiT6bAdjBnnXNVHPdW1aTCetUjgN3FHC7IdU3B1Ab0s8NijML4hmIUO:XZUfDiFajiTVdjBnnPUa0gN3Fi8dUxix

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acccd5bf60d1a1115b4eac9ae933c5b7_JaffaCakes118

Files

acccd5bf60d1a1115b4eac9ae933c5b7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d58015005a62b49a86b5ba89caea18e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\Quam\vOtmypz\freySKn\kipn.pdb

Imports

user32

DrawMenuBar
SetCursorPos
IsChild
GetMessageExtraInfo
WindowFromDC
RegisterClassA
SetRectEmpty
MapDialogRect
InvalidateRgn
LoadCursorA
EnableWindow
LoadCursorW

comctl32

CreateStatusWindowW
ImageList_GetIcon
ImageList_Read

kernel32

lstrcmpW
GetProcAddress
WinExec
LCMapStringA
DeleteFileW
GetThreadContext
SetThreadAffinityMask
ResumeThread
GetModuleHandleW
GetTickCount
GetComputerNameW
HeapSize
lstrlenW

comdlg32

GetFileTitleW
PageSetupDlgW

gdi32

GetCurrentObject
CreateDIBitmap
EndDoc
CreateRectRgn
SetBrushOrgEx
RoundRect
GetSystemPaletteUse

Exports

Exports

?DmukYqtEwqxOagh@@YGFN@Z
?eeimletuJj@@YGXG@Z
?PwrCFaxjeyTKTyl@@YGKDPA_N@Z
?eskmOrCGNjuOtlzl@@YGKH@Z
?qajaAdpbztkbSneoyywgK@@YGXPAD@Z
?Dwmudav@@YGKM@Z
?vwlamGQQ@@YGPAGIPAG@Z

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d58015005a62b49a86b5ba89caea18e2

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 143KB - Virtual size: 143KB

.crt Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 300B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 143KB - Virtual size: 143KB

.crt
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 300B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB