af6baa7ad9157728209c1168fa42fca5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af6baa7ad9157728209c1168fa42fca5_JaffaCakes118
Size

96KB
MD5

af6baa7ad9157728209c1168fa42fca5
SHA1

c2fee10a96c646be5ec53079d307f2ae1e8d57c7
SHA256

9a933db1dbd7ae6908441e7ab988eb3058039803dd3db6b27e57eefd6293634b
SHA512

1fa9c599b13ed1581cea86cf121c64a10130d0051630b3d4fc57301f380d0dcda68ea2ab7aa13c48d2cf2cc29df97eb976951a4e49bda7b66b81505684cba5d0
SSDEEP

1536:ipUfDFORhxgoJihZVNjCjLmJJNmYIl786gAbnPzNgFSWqLzCzHgScNRpM0:ipuDQLxtghZzm3mbQjgunPKxZg1JM0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af6baa7ad9157728209c1168fa42fca5_JaffaCakes118

Files

af6baa7ad9157728209c1168fa42fca5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2ef7df51a2e28c23e4d4b38e4fa6d433

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\UjaDZasi\tnkYq\EstvUkSd\mDXqbzpq.pdb

Imports

comctl32

InitCommonControlsEx
CreatePropertySheetPageA

shlwapi

PathFindExtensionA
StrToIntA
PathIsFileSpecA

user32

GetMessagePos
IsWindowUnicode
IsCharAlphaW
SetDlgItemTextW
SetActiveWindow
GetWindowPlacement
ReplyMessage
MapWindowPoints
DestroyCursor
SetRect
FindWindowExA
EndPaint
LoadStringW
ClipCursor

kernel32

GlobalDeleteAtom
IsBadStringPtrW
LoadLibraryExA
LoadLibraryW
GetCurrentThread
lstrlenA
DeleteAtom
CreateEventW
ExitProcess
lstrlenW

msvcrt

exit

gdi32

GetNearestColor
GetMapMode
GetTextAlign
ExtFloodFill
EnumFontFamiliesExW

Exports

Exports

?JC_C__T__LCKtjaUHBOb@@YGPAHPAKD@Z
?PSRHGZ_fmtvc_BIq_@@YGNPAFI@Z
?rscu___dsoI@@YGPAXE@Z
?fvrnh___gec_qqipy@@YGIF@Z
?yjnqKHI_DCmvHKCC_@@YGPAEPAM@Z
?BXCMBYt_@@YGPAED@Z
?qq__S_O_GWkhsit_@@YGGFK@Z
?ORu___ubJ_L@@YGEJ@Z
?pyhrySOGUbO_k_w@@YGPAJI@Z

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

debug
Size: 2KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ef7df51a2e28c23e4d4b38e4fa6d433

Headers

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

user32

kernel32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 10KB - Virtual size: 10KB

debug Size: 2KB - Virtual size: 161KB

.code Size: 157KB - Virtual size: 156KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 10KB - Virtual size: 10KB

debug
Size: 2KB - Virtual size: 161KB

.code
Size: 157KB - Virtual size: 156KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB