b6918e1067974b78c015bf5c69b949c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b6918e1067974b78c015bf5c69b949c0_JaffaCakes118
Size

88KB
MD5

b6918e1067974b78c015bf5c69b949c0
SHA1

e651af8ece1ed24545d91b5ce169ab6c90430527
SHA256

6ee999b195db0e9580951ab1b7215ec811158712ce14bcb0c018eb769b53e7ba
SHA512

b3dee625eba1f1bc74b272022b87d4b1a5d1a3c16faa900a75cb0e7af203e560c26f9fa7ac5b0aaea53f88954b05c17248f56324885270b2816ca0c31a35ed84
SSDEEP

1536:ipUfDFORhxgoJihZVNjCjLmJJNmYIl786gAbnPzNgFSWqLzCzHgScNN:ipuDQLxtghZzm3mbQjgunPKxZg1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6918e1067974b78c015bf5c69b949c0_JaffaCakes118

Files

b6918e1067974b78c015bf5c69b949c0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2ef7df51a2e28c23e4d4b38e4fa6d433

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\UjaDZasi\tnkYq\EstvUkSd\mDXqbzpq.pdb

Imports

comctl32

InitCommonControlsEx
CreatePropertySheetPageA

shlwapi

PathFindExtensionA
StrToIntA
PathIsFileSpecA

user32

GetMessagePos
IsWindowUnicode
IsCharAlphaW
SetDlgItemTextW
SetActiveWindow
GetWindowPlacement
ReplyMessage
MapWindowPoints
DestroyCursor
SetRect
FindWindowExA
EndPaint
LoadStringW
ClipCursor

kernel32

GlobalDeleteAtom
IsBadStringPtrW
LoadLibraryExA
LoadLibraryW
GetCurrentThread
lstrlenA
DeleteAtom
CreateEventW
ExitProcess
lstrlenW

msvcrt

exit

gdi32

GetNearestColor
GetMapMode
GetTextAlign
ExtFloodFill
EnumFontFamiliesExW

Exports

Exports

?JC_C__T__LCKtjaUHBOb@@YGPAHPAKD@Z
?PSRHGZ_fmtvc_BIq_@@YGNPAFI@Z
?rscu___dsoI@@YGPAXE@Z
?fvrnh___gec_qqipy@@YGIF@Z
?yjnqKHI_DCmvHKCC_@@YGPAEPAM@Z
?BXCMBYt_@@YGPAED@Z
?qq__S_O_GWkhsit_@@YGGFK@Z
?ORu___ubJ_L@@YGEJ@Z
?pyhrySOGUbO_k_w@@YGPAJI@Z

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

debug
Size: 2KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ef7df51a2e28c23e4d4b38e4fa6d433

Headers

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

user32

kernel32

msvcrt

gdi32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 10KB - Virtual size: 10KB

debug Size: 2KB - Virtual size: 161KB

.code Size: 157KB - Virtual size: 156KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 10KB - Virtual size: 10KB

debug
Size: 2KB - Virtual size: 161KB

.code
Size: 157KB - Virtual size: 156KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB