b4f66a4068a0f1dbaf134e63de8187ac_JaffaCakes118

General

Target

b4f66a4068a0f1dbaf134e63de8187ac_JaffaCakes118
Size

173KB
MD5

b4f66a4068a0f1dbaf134e63de8187ac
SHA1

465ccf3a044c85dd70874559a36f98c5c4712934
SHA256

f0544841a8bb9eedf81267c8b523ecc52eb133deadb71975d340e89d7cc58211
SHA512

17f851135b870d3a898d7e00ae7f1166334e0b267cb8f8f36ab8f73586f2e5becaadafe342697c4895011fd39d2d3d1b1611f6413d5cbe1cdcc997841546c86f
SSDEEP

3072:YLivgza4zSPk0jH6yqyDi4pcmP66Q1eb3YiVrQ9BgzGK1mf05n8:0EgO4kSci4dPRX3YyQUVUf06

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4f66a4068a0f1dbaf134e63de8187ac_JaffaCakes118

Files

b4f66a4068a0f1dbaf134e63de8187ac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0a15677ae695c067c56f667024b2a4c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\dFBKi\ngwUw\DmukYvqn\tzntnycn.pdb

Imports

gdi32

SetBrushOrgEx
DPtoLP
GetTextExtentPoint32A
OffsetRgn
LineDDA
ResizePalette
CreatePalette
EnumFontFamiliesW

kernel32

GetStringTypeExW
FreeResource
DeleteCriticalSection
SetUnhandledExceptionFilter
SystemTimeToFileTime
GetModuleHandleW
lstrcmpW
EnumResourceNamesA
GetProcAddress
lstrlenW
HeapUnlock
TransactNamedPipe

ntdll

_aullrem

user32

GetWindowPlacement
WaitMessage
LoadStringA
LoadIconA
LoadStringW
DialogBoxParamW
InvalidateRgn
CheckRadioButton
WindowFromDC
SetRectEmpty
TranslateMessage
GetUpdateRgn
IsWindowUnicode
GetDCEx

Exports

Exports

?cbzyFMuixqcsfhaxzoymp@@YGJE@Z
?vEcrqqUiGkehmfk@@YGXPAK@Z
?pailTcfrwvxxBVZnMaz@@YGKPAFPAK@Z
?nnggkkjbyshrVbfnE@@YGPAGPAM@Z
?yBirebKvrsopNxo@@YGEE@Z
?osqGZbATmeiX@@YGEK@Z

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a15677ae695c067c56f667024b2a4c0

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

ntdll

user32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 141KB - Virtual size: 217KB

.crt Size: 3KB - Virtual size: 3KB

.edata Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 141KB - Virtual size: 217KB

.crt
Size: 3KB - Virtual size: 3KB

.edata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 2KB