b5a0fe675e3afbe1e80daf097972fbc9_JaffaCakes118

General

Target

b5a0fe675e3afbe1e80daf097972fbc9_JaffaCakes118
Size

91KB
MD5

b5a0fe675e3afbe1e80daf097972fbc9
SHA1

4584b827658f4412aa14204a22a7093006390607
SHA256

1cf415f273f25962b36d104e95465f67f6be865a156c77de6ab0d8335a194522
SHA512

93053ae77f386b371cc33b760ac5df609f1214d7fe9134013d7e37c3322b13362515603fe237d67324891469f9a8422ecdecfacc763b6b2acb7761e74eb67c9c
SSDEEP

1536:2eJAP/nlAh19Re0sVtWKKwnHoqeb9PUvB3xjHwYoAuaQIyg9fEG0C36:2einnmxRecFKHgGJkYlEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5a0fe675e3afbe1e80daf097972fbc9_JaffaCakes118

Files

b5a0fe675e3afbe1e80daf097972fbc9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c2ba925058c3d67f162dc8feb4b1f88d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\ueQut\ubcql\vhvZaw\smyIt.pdb

Imports

kernel32

GetSystemDirectoryA
SetNamedPipeHandleState
UnlockFile
CreateSemaphoreW
lstrcmpA
GetTickCount
AddAtomW
SetMailslotInfo
GetTempFileNameA
GlobalFindAtomW
FindNextFileW
SetHandleInformation

gdi32

SetWindowOrgEx
ExtFloodFill
SetLayout
GetMapMode
AddFontResourceW
TranslateCharsetInfo
ScaleViewportExtEx
SetPaletteEntries
GetTextExtentPointA
WidenPath

shlwapi

StrSpnA

user32

SetDlgItemTextW
OffsetRect
PtInRect
BringWindowToTop
CopyRect
InsertMenuItemW
ChangeMenuW
GetSystemMetrics
DestroyWindow
SetTimer
CharPrevW
SendDlgItemMessageW

Exports

Exports

?rjNyiIhnWgqi@@YGXGG@Z
?WatqKtktyiniVumw@@YGPAXK@Z
?GsniJyUceXKayiBzZlseW@@YGJE@Z
?alzQDrezgW@@YGPAMKI@Z
?DmgArDbSdnvEylihTvk@@YGHGPAI@Z
?bIFZAMiiharxqfifwadhuq@@YGDD@Z
?gYiufjlv@@YGPAEM_N@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2ba925058c3d67f162dc8feb4b1f88d

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

shlwapi

user32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 24KB

.crt Size: 10KB - Virtual size: 10KB

.rsrc Size: 63KB - Virtual size: 63KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 24KB

.crt
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 63KB - Virtual size: 63KB

.reloc
Size: 2KB - Virtual size: 1KB