b264171684ba05959d2a32a68c183ba8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b264171684ba05959d2a32a68c183ba8_JaffaCakes118
Size

148KB
MD5

b264171684ba05959d2a32a68c183ba8
SHA1

c836af2f06d5949dae8e6d92142cb4ad7efb3b62
SHA256

910d8667fbd1bbfc573486e87e7a52b2b2d3234b450cd2b9d0bcd67116f42793
SHA512

632fdd5745f5fcdd3713f743c816a5f6b6b9351a29f33caeade905e385af8fd501d3c237f5304c539c6b78c02d313eb39ba35c35b30fd4b0404438aa786d633c
SSDEEP

3072:Wi8dLmvLONqfGXhKwJuMUHOQDyYudZ0zO6V/L59Rngo0RGNF4DTE6XfhurXCr3Ut:WnlXwwv5U2gO6N1t09kShOymow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b264171684ba05959d2a32a68c183ba8_JaffaCakes118

Files

b264171684ba05959d2a32a68c183ba8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6d79205298a955ec5544cf42e3e18627

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\nEOH\nmhv\uiVw\PKgfL.pdb

Imports

gdi32

ExtFloodFill
CreateFontA
ExtTextOutA
GetTextExtentPoint32A
CreateCompatibleDC
CreateBitmap
ResizePalette
GetTextMetricsA
RemoveFontResourceW
CreateFontIndirectA
CreateICW
IntersectClipRect
GetTextMetricsW

user32

LockWindowUpdate
DefDlgProcA
LoadCursorW
CreateDialogParamA
InvalidateRgn
WaitMessage
CallWindowProcA
GetDCEx
DefFrameProcA
MapVirtualKeyExW
GetMenuItemCount
GetFocus
GetSysColor
KillTimer
GetDialogBaseUnits
GetMonitorInfoW
SendDlgItemMessageA
DefDlgProcW
GetMenuItemID
RegisterClassA
ActivateKeyboardLayout
TranslateMessage
InsertMenuW
MessageBoxA
PostThreadMessageW
EnableScrollBar
GetDoubleClickTime
SetCursor
GetDC

kernel32

GetCommModemStatus
CreateDirectoryA
FlushFileBuffers
TransactNamedPipe
FindNextFileW
GetStartupInfoW
CopyFileA
EnumResourceNamesW
SetUnhandledExceptionFilter
GetWindowsDirectoryW
IsBadStringPtrW
GetSystemWindowsDirectoryW
GlobalUnlock
SetFileAttributesW
FreeLibrary

ole32

CoUninitialize
CoInitializeEx

comctl32

InitCommonControlsEx
ImageList_GetIconSize
PropertySheetW
ImageList_LoadImageW

Exports

Exports

?ax__zlDQp__A_WDzjx_B@@YGKPA_N@Z
?aoyzm_rsjihD@@YGXF@Z
?_ljhGMVH_XF_gR@@YGPAIMK@Z
?G_F_kyxntezvTCJEEizkW@@YGPAKH@Z
?JIW__ID_TUBFjd_VVZHx@@YGFPAE@Z
?DNSMqntX_G____as@@YGFDPAI@Z

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d79205298a955ec5544cf42e3e18627

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

kernel32

ole32

comctl32

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 42KB - Virtual size: 41KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 1KB - Virtual size: 105KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 42KB - Virtual size: 41KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 1KB - Virtual size: 105KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB