b05d2b8a0ef5835120b48cf97318c9a9_JaffaCakes118

General

Target

b05d2b8a0ef5835120b48cf97318c9a9_JaffaCakes118
Size

122KB
MD5

b05d2b8a0ef5835120b48cf97318c9a9
SHA1

8bb96774cd4db24fdd2725b6513833f86b5073f0
SHA256

9e11122bc051e8dabbe8466db3208d507494eccc3571a4d487acb40cc3ec1533
SHA512

226457a2974ca98b956f56c274bfe3f9d08ddfff999ff73f5a36d33b038c0eaaec2d62bde24dde9cb7e382532c091402602de16f981558a31494dddb4c1dc8dd
SSDEEP

3072:8ezVRiVxVBPJBAJ3lVnGriYZVVHz8kIYhIeyYsd:d633PJ6DEriYZVVzjpyYsd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b05d2b8a0ef5835120b48cf97318c9a9_JaffaCakes118

Files

b05d2b8a0ef5835120b48cf97318c9a9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

03bee5a5695498338e5461160331f597

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\tmvkl\uCfankq\ZcmMxwzCAL85_0THE7_

Imports

comdlg32

ReplaceTextW
FindTextW
GetFileTitleW
ChooseFontW
GetSaveFileNameA

gdi32

CreateFontIndirectW
ExcludeClipRect
ScaleViewportExtEx
SetDIBColorTable
SelectPalette
GetNearestPaletteIndex
RestoreDC
GetTextAlign
LineTo
TextOutA
GetSystemPaletteUse
SaveDC
PatBlt
PathToRegion
CreateRoundRectRgn

shlwapi

StrCatW

kernel32

GlobalSize
VirtualQuery
TlsGetValue
GetThreadPriority
FindResourceExA
SearchPathW
GlobalAddAtomW
HeapValidate
HeapWalk
ReleaseMutex
QueryPerformanceCounter
GetCommModemStatus
CreateFileA
GetComputerNameW
FoldStringW

user32

GetShellWindow
PostMessageW
DefDlgProcW
GetDialogBaseUnits
CreateWindowExA
GetCursorPos
GetUserObjectInformationW
AppendMenuW
CreateCaret
ScrollWindowEx
GetMenuItemCount
ClientToScreen
GetKeyNameTextW
mouse_event
AdjustWindowRectEx
LoadCursorA
ShowOwnedPopups
GetClassInfoExW
IsMenu
CopyRect
CopyAcceleratorTableW
AppendMenuA
TranslateMessage
GetClassLongA
MapVirtualKeyExW
DrawIcon
CharUpperA
OpenDesktopW
wsprintfA
OpenIcon
MessageBoxExA
InvertRect

Exports

Exports

?_EnumDesktopsA@@YGXEH@Z

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03bee5a5695498338e5461160331f597

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB