b8b332ac0a7ffca049afd2b34a90459c_JaffaCakes118

General

Target

b8b332ac0a7ffca049afd2b34a90459c_JaffaCakes118
Size

187KB
MD5

b8b332ac0a7ffca049afd2b34a90459c
SHA1

487530b22c3d56fa0403c2952ba8498f07edf57f
SHA256

c8eeafce7c98d55e3cbdedcb1e665309d228b960e8a631ae367410ac44e9b3a3
SHA512

431d6fdddf3d7db0f43c396a1a5308d493e3d07ec8eccf04d9a0bcc9a937139c812430a229d665d3a028011f45baffb4c403810b1b04fa93bb33d4b46fcb49ed
SSDEEP

3072:Gkb8oQ4/sSfrJ92A8AUFQPkkDUgjfkgBSTXbvOkocNa0Cix/7:XS4/prL2A8ABP5DU8cxTDOk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8b332ac0a7ffca049afd2b34a90459c_JaffaCakes118

Files

b8b332ac0a7ffca049afd2b34a90459c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4d8de121889a95a1c1e5c3a7c947c309

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\hHqoL\Shrpizi\amiE.pdb

Imports

kernel32

GetFileType
lstrcmpiA
GetModuleHandleW
ClearCommBreak
GetProcAddress
TerminateThread
SetThreadPriority
FindResourceW
UnlockFile
lstrlenW
GlobalAddAtomW
SetFilePointer

ntdll

_aullrem

gdi32

GetPaletteEntries
ExtTextOutA
GetViewportOrgEx
ScaleWindowExtEx
DPtoLP
WidenPath
RectVisible

user32

LoadIconW
GetWindowTextLengthW
GetWindow
GetScrollPos
DrawEdge
CreateDialogParamA
SetFocus
ShowWindow
SendMessageTimeoutW
GetNextDlgGroupItem
SetWindowTextW
WaitForInputIdle

comdlg32

CommDlgExtendedError
PrintDlgExW

Exports

Exports

?caithhQEiKXwNzWWwpujkl@@YGMPADN@Z
?oqmhIgC@@YGPAXJ@Z
?eJyofrAcHb@@YGPAEE@Z
?aRztzsmIpJxMkfwnvEjx@@YGG_N@Z
?aHfTrzVinehxdLizlpE@@YGGPAI@Z
?uMYxMuB@@YGXEN@Z

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d8de121889a95a1c1e5c3a7c947c309

Headers

File Characteristics

PDB Paths

Imports

kernel32

ntdll

gdi32

user32

comdlg32

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 141KB - Virtual size: 209KB

.edata Size: 1KB - Virtual size: 1KB

.crt Size: 3KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 141KB - Virtual size: 209KB

.edata
Size: 1KB - Virtual size: 1KB

.crt
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB