b75311804c01c02672ccfe4e06e82ed0_JaffaCakes118

General

Target

b75311804c01c02672ccfe4e06e82ed0_JaffaCakes118
Size

212KB
MD5

b75311804c01c02672ccfe4e06e82ed0
SHA1

5c74fc45cf0c12e3bc1a6a3076c219ac10d49554
SHA256

54ce23b213f264f5c58afd6abc2ee16638c8cbb3c477472fa4eecfcdf6bb2b8f
SHA512

ed8b8496431603d7912af47b231a701e04121ea320bcba7ac192bc6779c770b9946ab0565ce790a07e47aebfbd2522d5e4968e831e1e3eb22355591f7453bdf3
SSDEEP

6144:O0gcn9JwYBWouT+Ounr3rjhroJtcLt4wXKEFk65:r9J9BWbT+Oubhr+t2lJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b75311804c01c02672ccfe4e06e82ed0_JaffaCakes118

Files

b75311804c01c02672ccfe4e06e82ed0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3599a02e371d0814241e083c624ce850

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\ftpkqmg\RojaoDx\nwIpaqb\aUzmeGe\mYwx.pdb

Imports

comctl32

ImageList_AddMasked
PropertySheetW
CreateStatusWindowW

kernel32

IsBadStringPtrW
RaiseException
LoadResource
CreateWaitableTimerW
lstrlenA
CompareStringA
DeleteAtom

gdi32

SetTextColor
CreateFontW
GetTextExtentPointW
CreateFontA
Polyline
DeleteDC

user32

ScrollWindowEx
SetCursor
ShowWindow
DialogBoxIndirectParamA
GetWindowTextLengthW
SetRectEmpty
GetKBCodePage
SetWindowPos
DestroyCaret
TranslateAcceleratorA
GetFocus
DefDlgProcW

Exports

Exports

?__O__AT_L_Jys_@@YGHK@Z
?guyniXEBX_X_EXH@@YGPAMHPAH@Z
?reshjv_h@@YGXJ@Z
?T__T_PA@@YGHDH@Z
?__T__WBO_WICCBV_CIXUIM@@YGMGF@Z
?__PNIV_In@@YGXJ@Z
?u__w___ywhp_@@YGJI@Z
?Sfja_ojd_avsF_Tv@@YGKNE@Z
?aqfxyFISD__TLM@@YGDK@Z
?lcykUCXO____DT__NN@@YGXN@Z

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 43KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3599a02e371d0814241e083c624ce850

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

gdi32

user32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 65KB - Virtual size: 64KB

.mdata Size: 43KB - Virtual size: 202KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 65KB - Virtual size: 64KB

.mdata
Size: 43KB - Virtual size: 202KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB