b72e19750d7d203358d1506f276d5927_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b72e19750d7d203358d1506f276d5927_JaffaCakes118
Size

114KB
MD5

b72e19750d7d203358d1506f276d5927
SHA1

e67cb513df49653ca7d838d7c59162c0610f9a20
SHA256

4bc6e4c0663663f58c606de8332cd3e710b384238d8b801a3cf63531eedc592f
SHA512

80521ea94f96d80c4d2620da56b174236468e47ee287534a30cad18fb3af5be9e43ce2d71c12627909c0697849a50b680b5e0e596b47ff298d985454229b8b6a
SSDEEP

1536:CSDQ7036J/D3tnp03OdkGrqcqaE9FGTBKz04L2W111u9AAg5r3grtT8B:CcQUyr35aeda5EB4L2uDxEG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b72e19750d7d203358d1506f276d5927_JaffaCakes118

Files

b72e19750d7d203358d1506f276d5927_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3dba17d1539c344617147fdf0b88c878

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\rHbJQ\aflbmhvD\MbSgtfPt.pdb

Imports

comctl32

ImageList_LoadImageW
CreateToolbarEx
ImageList_Destroy

user32

CreateDialogParamA
GetSystemMenu
CloseDesktop
CopyAcceleratorTableW
IsCharUpperA
GetPropW
EnumThreadWindows
CreateDialogParamW
GetKeyNameTextW
GetWindowLongW
CreateAcceleratorTableW
ShowScrollBar
GetWindow

kernel32

lstrcmpiW
GetThreadPriority
GetACP
GetProcAddress
HeapUnlock
GetModuleHandleA
LoadLibraryW
SetUnhandledExceptionFilter
GetSystemDirectoryW
CreateFileA
GetFullPathNameA
lstrlenW
CallNamedPipeW

gdi32

SetDIBColorTable
CreatePenIndirect
TranslateCharsetInfo
GetTextMetricsA
CreateRectRgn
CreateDIBSection
GetBkMode
GetLayout
FillRgn

shlwapi

StrCmpNW

comdlg32

GetOpenFileNameA
GetSaveFileNameW
GetFileTitleW
ChooseFontW

Exports

Exports

?owNHbaeXjrccexdUONjYw@@YGPA_NHI@Z
?VZsuaOkegeJbnw@@YGXED@Z
?hlnxGizrkUPCjk@@YGPAFJ@Z
?qZqtAohJbpddK@@YGDFJ@Z

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dba17d1539c344617147fdf0b88c878

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

gdi32

shlwapi

comdlg32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 207B

.temp Size: 77KB - Virtual size: 77KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 18KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 207B

.temp
Size: 77KB - Virtual size: 77KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB