b74f159b828d2625fb18c1c504543432_JaffaCakes118

General

Target

b74f159b828d2625fb18c1c504543432_JaffaCakes118
Size

99KB
MD5

b74f159b828d2625fb18c1c504543432
SHA1

0708c3b963c847e4c6e4b853c1241280d9722ff9
SHA256

7504f4b9f0a53f33a9b0096887507d35ebfc26b88cd0e526ca1ee64235eb3d4b
SHA512

e25671e1b5282a1106c095233d2a1ed7edc1e7a6ab5935b182e77ba04a76733dee43d89b895707986a9d13f9a5b86bf76e3116858f53d8159da23f599458d53f
SSDEEP

1536:juSAy+v9QY010BVHTRvV3LitzAC5PVd0q3PDL/2ksD+qGe/vEkAU1Xy:juf60rHnitbVL3PDL/Oq13kAU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b74f159b828d2625fb18c1c504543432_JaffaCakes118

Files

b74f159b828d2625fb18c1c504543432_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4c3baa6b7d7575b25e9e72d0dad52fcc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIcon
CreateToolbarEx

kernel32

DeleteAtom
GetCommModemStatus
GetExitCodeProcess
SetErrorMode
IsBadStringPtrW
GetComputerNameExA
GetModuleHandleA
ResetEvent
HeapSize
FreeResource
GetOEMCP
SetUnhandledExceptionFilter
SetConsoleCP
GetModuleHandleW

gdi32

CreateDCW
SetLayout
SelectClipRgn
GetWindowOrgEx
ScaleViewportExtEx
DeleteObject
GetTextMetricsA
CreateRectRgn

shlwapi

PathFindFileNameW
StrCatW
PathBuildRootW

user32

SendMessageW
GetCaretBlinkTime
PtInRect
PostMessageA
BeginDeferWindowPos
GetParent
AdjustWindowRect
ScrollWindowEx
DestroyMenu
FindWindowW
IsWindow
GetMenu
CharPrevW

Exports

Exports

_Eeoedyfja_iSpply@16
_Qhlswmel_wHtgyU@12
_NfzbDohl_itppcnjt_wq@16
_TDqmrjre_oxUbdf@4
_Frpqmvqmy_UnOgp@8
_Blznamyr_kZRdfsexk_PMv@8
_Axucfgqj_gvceerl_sR@16

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c3baa6b7d7575b25e9e72d0dad52fcc

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

shlwapi

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 30KB - Virtual size: 162KB

.data Size: 1KB - Virtual size: 1KB

DATA Size: 40KB - Virtual size: 40KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 30KB - Virtual size: 162KB

.data
Size: 1KB - Virtual size: 1KB

DATA
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 3KB