ac3521dd65038c17891e97c215f0ceb3_JaffaCakes118

General

Target

ac3521dd65038c17891e97c215f0ceb3_JaffaCakes118
Size

92KB
MD5

ac3521dd65038c17891e97c215f0ceb3
SHA1

cad958906c6ad7d747cc4943b249d8434ef36f22
SHA256

136a87a0b6d611107a474f64805bc5e09ef643faddc8fe79d8c39c36a0098362
SHA512

4b6b5b09a89e9206c556ef89f0aa831e82ebbb4cc8f1c3d8c06bab1688c9df5fab8f178df49c0451d4a35ec47904848666b782efe6ebcdede9534bdb042c3071
SSDEEP

1536:lD92sTVQAfdpL8+Er0/DoYPIp+YXJRGb2WxjJAWjJkBlwawdJbKH:lxmU6rLmiWh9mSrJbO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac3521dd65038c17891e97c215f0ceb3_JaffaCakes118

Files

ac3521dd65038c17891e97c215f0ceb3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3b03497cdbf3580c93d38108ff85023c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\kOAh\ccuFlW\DSnIEEb\sMomYdjq.pdb

Imports

comctl32

ImageList_GetIconSize
ImageList_Destroy
ImageList_Remove

shlwapi

PathFindExtensionA

kernel32

lstrlenW
GetAtomNameA
GetUserDefaultLCID
SetSystemTimeAdjustment
lstrcmpiW
GlobalMemoryStatusEx
SetThreadPriority
ResetEvent
IsValidLanguageGroup
CloseHandle
CreateSemaphoreW
GetTickCount
FindResourceExW

user32

IsCharLowerA
MoveWindow
LoadImageW
EnumThreadWindows
WindowFromPoint
CharUpperW
LoadIconW
FindWindowExW
DestroyMenu
MessageBoxExA
RegisterWindowMessageW
IsCharAlphaW
GetLastInputInfo
SetDlgItemTextA

gdi32

StretchBlt
GetNearestPaletteIndex
GetLayout
CreateCompatibleBitmap
EndPath
SetPixel
GetDeviceCaps

Exports

Exports

?hjmjsWeuwaabmE@@YGFEPAI@Z
?eykMjRfaytKfwvob@@YGGPAMJ@Z
?sPOmHGcrDsbKekSiuq@@YGXGH@Z
?drgGyzszUqllPjqzTbllij@@YGEPANI@Z
?nFbaYxTfBPOWm@@YGDPAMPAI@Z
?YxyulximdijUuT@@YGPAHPAI@Z
?dgHjzmNfmVqfqxg@@YGPAJF@Z

Sections

.itext
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b03497cdbf3580c93d38108ff85023c

Headers

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

kernel32

user32

gdi32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 172B

.text Size: 18KB - Virtual size: 17KB

.data Size: 6KB - Virtual size: 78KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 2KB - Virtual size: 2KB

.itext
Size: 512B - Virtual size: 172B

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 6KB - Virtual size: 78KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 2KB - Virtual size: 2KB