b629e0f5414e5efae880a4895ae6abe4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b629e0f5414e5efae880a4895ae6abe4_JaffaCakes118
Size

150KB
MD5

b629e0f5414e5efae880a4895ae6abe4
SHA1

c370939f1f67b2637ae866cd2715fccebd52e67e
SHA256

c802638bfdf36e34a77268499b888e3080b2f8e212bbd2c476e11b19b4d1766f
SHA512

24cd8fccbe6b4d9eb6ba9e66d02ff1913f2a2504ba3b3f6e217f8fa55ea14e2059ff18b371ff462d6e6f4ccbcda52da89a2723aec30e7c1fb70e397ea05efead
SSDEEP

3072:mrnzlCK87bQdv6cXkHANoS5qXP3z+6mEU2GAsbsnas992jtE:4CK8gPk13Xq6iwaFp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b629e0f5414e5efae880a4895ae6abe4_JaffaCakes118

Files

b629e0f5414e5efae880a4895ae6abe4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c7b274521dbe0cabd3f52e6a28d4a2e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\TOJL\LSREkstg\xnKtm\qevd.pdb

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA

user32

SetClassLongW
RegisterHotKey
DialogBoxParamA
AdjustWindowRectEx
GetWindowDC
wsprintfA
BeginPaint
GetLastActivePopup
InSendMessageEx
HideCaret
RemovePropW
SetMenuDefaultItem
InsertMenuW
OemToCharA
GetMenuCheckMarkDimensions
DialogBoxParamW
GetMessageW
SystemParametersInfoA
CopyRect
FindWindowW
CreateDialogParamW
CharToOemW
GetMenu
GrayStringW
CharLowerBuffW
GetUserObjectInformationW
SetWindowRgn
GetSystemMenu

kernel32

CreateMailslotW
CancelIo
SetHandleInformation
CreateFileMappingW
CreateWaitableTimerW
lstrcatA
lstrlenW
GlobalFlags
IsDBCSLeadByte
DisconnectNamedPipe
FindNextFileW
IsBadReadPtr
lstrcmpiW
lstrcmpA
GetStartupInfoW

gdi32

CreateHatchBrush
StretchDIBits
CreateCompatibleDC
FillRgn
CreateFontIndirectW
RectVisible
DeleteObject
ExcludeClipRect
GetTextColor
GetTextExtentPoint32W
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries

ole32

CoUninitialize
CoInitializeEx

Exports

Exports

?SCjepgiIEIMijdce_gfkL@@YGPAGG@Z
?____cntxcuBWWRSLXf@@YGPAIPAF@Z
?W_svykj@@YGIM@Z
?hTCZTY_QTW_@@YGXKK@Z

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7b274521dbe0cabd3f52e6a28d4a2e9

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

kernel32

gdi32

ole32

Exports

Exports

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 21KB - Virtual size: 21KB

.mdata Size: 12KB - Virtual size: 11KB

.data Size: 22KB - Virtual size: 130KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 21KB - Virtual size: 21KB

.mdata
Size: 12KB - Virtual size: 11KB

.data
Size: 22KB - Virtual size: 130KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB