bc43fa643747af261f8364c01b35d399_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc43fa643747af261f8364c01b35d399_JaffaCakes118
Size

105KB
MD5

bc43fa643747af261f8364c01b35d399
SHA1

d06912af9007b31b7ae45d0c6ff7d300c978f994
SHA256

6d30fa13407bb19fc21dd01b3fbc3441bdf1ce2293298d2c3264a0556aa8824f
SHA512

3b1003c9bff0c3a09c74a5bf204762c1443e64cbf63dd0d9d62d2522ffadd2f1f91b523c1b26cf7a6cdb48976753fbf80ca4e96e6ef6ece3ed337ba448133759
SSDEEP

1536:A5rWlgMDFBstnty4S1KlvUY5TJqlmoQtc9YX2xvbVqSZQxay:gEgMDHyt5S1KqCq8qYGZbVqSZe5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc43fa643747af261f8364c01b35d399_JaffaCakes118

Files

bc43fa643747af261f8364c01b35d399_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9b77facce9eef0c70644ce2f388e9dc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\qRcbfOlq\errjzjdOz\QpyjvMB\FonYksiCiu.Fnm

Imports

kernel32

VerifyVersionInfoW
LocalAlloc
RegisterWaitForSingleObject
GetSystemInfo
SetTimerQueueTimer
CreateNamedPipeA
AreFileApisANSI
GlobalHandle
FindNextFileW
SetCommTimeouts
LocalFree
GetComputerNameExA

user32

EndPaint
GetKeyboardLayout
ShowScrollBar
GetNextDlgGroupItem
IsWindowUnicode
DrawTextW
TranslateAcceleratorW
IsCharAlphaW
DrawTextA
GetWindowRect
CreateAcceleratorTableW
GetFocus
DrawMenuBar

gdi32

CreatePatternBrush
PatBlt
RectInRegion
LPtoDP
TextOutW
CombineRgn
GetTextExtentPoint32W
ExtTextOutA
CreateFontA

comctl32

ImageList_Write
PropertySheetA

Exports

Exports

Ylcrdglo
Buuollahywv
IpuvcwvvgyVadfyc
HvwDkho
?Txrcrfoon@@YGKPAG@Z
Xwdlzowj

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ