c0836c5f9c2b72143a7eb5dde1621dbc_JaffaCakes118

General

Target

c0836c5f9c2b72143a7eb5dde1621dbc_JaffaCakes118
Size

2.9MB
MD5

c0836c5f9c2b72143a7eb5dde1621dbc
SHA1

c7273405072ef2954b70fdd61c867af9b6cd12a5
SHA256

15f0944a7d618ddacda76eed1582d0283667bd03c6f5290e4ce99ac95328e982
SHA512

2ba4a5f1914262088beff5c7882d28ebae9fd134a2cda43e5f663ff13125718680b66f5483742f261e3f99226dab4f81fc2d775e6c41ba0b8016a75abb633723
SSDEEP

49152:tEl6Lek2KUXsv1j5hERUwY9LySesDoNGxOD7t0QlUJ/ZD5aqjaCON+UOqEDZU6UV:Ik2xsv1dhFz9TZMNGXZD5aCtON/sCN11

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0836c5f9c2b72143a7eb5dde1621dbc_JaffaCakes118

Files

c0836c5f9c2b72143a7eb5dde1621dbc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

794fe1c8f00d05edb4d5fcaecb4e6b51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\pryb\dzvKMZpvm\tPtpxac\XpiuoFbCcf.bkn

Imports

comctl32

ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Write
ImageList_LoadImageW

shlwapi

StrCatBuffW

user32

TileChildWindows
OpenIcon
SetMenuItemBitmaps
GetCursorPos
UpdateWindow
ExitWindowsEx
CreateIconIndirect
EnableScrollBar
DrawMenuBar
GetWindowPlacement
MessageBoxExA
OffsetRect
EnumWindows

gdi32

PolyBezier
CombineRgn
CreateRectRgnIndirect
DeleteDC
GetSystemPaletteUse
CreateCompatibleDC
EndPage
RectInRegion

kernel32

GetSystemTimeAsFileTime
SetFileApisToOEM
ConnectNamedPipe
SetWaitableTimer
DefineDosDeviceW
VerifyVersionInfoW
CloseHandle
SetCommMask
FlushViewOfFile
CompareStringA
LCMapStringA
GetSystemDirectoryW
lstrcatA

ole32

CoTaskMemAlloc
CoTaskMemFree

Exports

Exports

JygkznrsgbYdZZDjdX
MfqmKwpsdsxHuacifj
CyphZaegeqvvWqpkcHrz
?OyfjacrLqk@@YG_NPANPAG@Z
IrkuuiosfrvzBbslolucap
Rqinjgt

Sections

.itext
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

794fe1c8f00d05edb4d5fcaecb4e6b51

Headers

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

user32

gdi32

kernel32

ole32

Exports

Exports

Sections

.itext Size: 18KB - Virtual size: 18KB

.text Size: 5KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 7.2MB

.rsrc Size: 2.9MB - Virtual size: 2.9MB

.reloc Size: 3KB - Virtual size: 2KB

.itext
Size: 18KB - Virtual size: 18KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 7.2MB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

.reloc
Size: 3KB - Virtual size: 2KB