b50c48d9834a440ce3ace9b02c5b086b_JaffaCakes118

General

Target

b50c48d9834a440ce3ace9b02c5b086b_JaffaCakes118
Size

81KB
MD5

b50c48d9834a440ce3ace9b02c5b086b
SHA1

b7cd923b31746df8ddd5a2cb74debb9b04bd7441
SHA256

989e44583d52b2479bfe3931638a11e0cd007e916547b5793161fbe4a6c8900d
SHA512

742725967821e6a28909a5313b4eb3babeb731a19127c01ccd5ee056762014961f216591f4b74e9efe60d808e14c4541bef13ee20839c40f65cf5348bc52efee
SSDEEP

1536:GNMXorgXDfai+uUr7pvhP+OR3pfaTFI6wJUnwyXP4YannnvdferEa:GN8Yg7A9rjLfaC6wJadpanv0rEa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b50c48d9834a440ce3ace9b02c5b086b_JaffaCakes118

Files

b50c48d9834a440ce3ace9b02c5b086b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e6a063b6f8990c7fd269b2c41bd01ea3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\wcsjop\anPUsrsh\yhtjToX.pdb

Imports

comdlg32

ChooseFontW
PrintDlgExW
GetFileTitleW

user32

SetDlgItemTextA
EndDialog
wsprintfW
CharNextA
CopyRect
WindowFromPoint
OemToCharA
GetWindowContextHelpId
CharToOemA
GetScrollInfo
GetDC
IsWindowUnicode
LoadBitmapW

gdi32

SetDIBitsToDevice
CreatePatternBrush
LPtoDP
PtInRegion
UnrealizeObject
ExtFloodFill
CreateEllipticRgnIndirect
GetObjectW

kernel32

GetStringTypeA
GlobalHandle
GetBinaryTypeA
SearchPathW
InterlockedIncrement
GetFileTime
CreateMailslotW
CreateRemoteThread
lstrlenW
CallNamedPipeW
GetNumberFormatA
GetVersion
GetCurrentThread

Exports

Exports

?btuAeHLEhkvovfkqHc@@YGEPAHJ@Z
?GWlyKsPVoNrM@@YGPAJIPAH@Z
?ktBcvhju@@YGPAXD@Z
?vMcpZvt@@YGJJPAI@Z
?BlmCvftzgsHJedLMjdzkdP@@YGPAHPAKH@Z
?chGcJMxnse@@YGFPAF@Z
?lQlkVqWCfNwqa@@YGIE@Z

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6a063b6f8990c7fd269b2c41bd01ea3

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.itext Size: 512B - Virtual size: 164B

.rsrc Size: 31KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 95KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 35KB

.itext
Size: 512B - Virtual size: 164B

.rsrc
Size: 31KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 95KB

.reloc
Size: 4KB - Virtual size: 4KB