b8d941ab280e932a755ee3f0f19c1077_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b8d941ab280e932a755ee3f0f19c1077_JaffaCakes118
Size

79KB
MD5

b8d941ab280e932a755ee3f0f19c1077
SHA1

f558cb91077d22d3ca38e57f78cf1582e6875e4a
SHA256

5ecbeaf43f5f8c9eefe59c3c765313d54ffd6e3aaf2e566d9fcca28f5daf574b
SHA512

6e8ca9061e0f5b800d0b081684b2c2e70d3b713c810bc98833007357ae28c66b5d61efd873ff13f00151e820a0382be5d5d546f8534e290ad23e4feeb835fe2d
SSDEEP

1536:oMi2NpyUCoci2y7qAXvWw20o6UcSH+H8+kew8yd248qfvq3w+mRDyn:oMhyGdB7qAXvBccSH+HRkX8ydP8IvbD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8d941ab280e932a755ee3f0f19c1077_JaffaCakes118

Files

b8d941ab280e932a755ee3f0f19c1077_JaffaCakes118
.exe windows:5 windows x86 arch:x86

373f00b711d3eeae5f99356cf8f61c70

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

L:\adLIi\qcFMokd\tIfKRnCo\unpp\rgDac.pdb

Imports

user32

CheckDlgButton
GetForegroundWindow
SetLastErrorEx
DispatchMessageW
IsZoomed
SetMenuItemInfoW
AdjustWindowRect
SendInput
TileWindows
DrawAnimatedRects
DeleteMenu
GetWindow
LoadStringA
GetClientRect

kernel32

SetHandleInformation
CreateDirectoryA
SetSystemTime
InitializeCriticalSection
lstrcatW
TlsGetValue
lstrlenW
GetModuleHandleA
VerSetConditionMask

msvcrt

strtok
towlower
wcschr
free
wcscpy
bsearch
fgets

shlwapi

PathGetArgsW
StrToIntW

gdi32

EnumFontFamiliesW
TranslateCharsetInfo
Escape
GetNearestColor
CreateICW

ntdll

_aullrem

Exports

Exports

?DksirvJpabRKkwsfiz@@YGGKI@Z
?cuxyfjeAyt@@YGPADPAEH@Z
?KgxwoybyPycGguBoykvqmo@@YGPAMJPAH@Z
?buYRMqujabIp@@YGPADPAIH@Z

Sections

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

373f00b711d3eeae5f99356cf8f61c70

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

shlwapi

gdi32

ntdll

Exports

Exports

Sections

.text Size: 512B - Virtual size: 512B

.edata Size: 512B - Virtual size: 4KB

.code Size: 36KB - Virtual size: 35KB

.data Size: 21KB - Virtual size: 77KB

.rdata Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 512B - Virtual size: 512B

.edata
Size: 512B - Virtual size: 4KB

.code
Size: 36KB - Virtual size: 35KB

.data
Size: 21KB - Virtual size: 77KB

.rdata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 2KB