c0ee7f4a64246897556e5470a59a4d29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c0ee7f4a64246897556e5470a59a4d29_JaffaCakes118
Size

129KB
MD5

c0ee7f4a64246897556e5470a59a4d29
SHA1

30c4125d1673ee1f19b0227c2e309325c4d29d59
SHA256

dd9566e5174a3de501eabc1d4b2ddd0ce3c88ab8341173bf6284f59d5d2fe3f1
SHA512

9bccce8092f833b4e03e0b411e522e8594363a0c7916c89f6487486dfed7e796055b652454df0319039fc58d0c6f77819c3a0df2b99a4e67efbf6be3832de919
SSDEEP

3072:e8r0e0BRfKdA2X4Ah6ysEg7FC05FYxcWWSyVu:Z0dD2X1s7RRh5F6cWWSyo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0ee7f4a64246897556e5470a59a4d29_JaffaCakes118

Files

c0ee7f4a64246897556e5470a59a4d29_JaffaCakes118
.exe windows:5 windows x86 arch:x86

42b9e4b0ef36e86cff10c53b17df563e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\hwJeI\fxorznI\FcwWmpH.pdb

Imports

user32

GetKeyNameTextW
ArrangeIconicWindows
ExitWindowsEx
IntersectRect
GetKeyboardLayoutList
SetWindowLongA
SystemParametersInfoA
ClientToScreen
SetWindowPlacement
CopyRect
GetWindowTextW
CreateIconFromResource

comdlg32

GetFileTitleW
PageSetupDlgW
GetOpenFileNameW

shlwapi

StrToIntA
StrCpyW

gdi32

GetFontData
GetDeviceCaps
GetDIBColorTable
PathToRegion
CreatePalette

kernel32

VirtualProtect
GetThreadContext
CreateFileMappingA
lstrcmpiW
MulDiv
ExitProcess
lstrcmpiA
LCMapStringA

comctl32

ImageList_Create
ImageList_GetIconSize
ImageList_Remove

Exports

Exports

?b_UNILCY_l_fm_@@YGIE@Z
?YrzHKAZILfzit_nh@@YGPADMI@Z
?_MTEIVVUCyfaH_D_jqktM@@YGEHPAM@Z
?ktkrIUEBQX_i@@YGPAMDD@Z
?_TP_S_igwfv@@YGPAHPAK@Z

Sections

.text
Size: 52KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pacdat
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42b9e4b0ef36e86cff10c53b17df563e

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

shlwapi

gdi32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 236KB

.data Size: 30KB - Virtual size: 29KB

.pacdat Size: 15KB - Virtual size: 14KB

.idat Size: 11KB - Virtual size: 11KB

.rdata Size: 14KB - Virtual size: 14KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 236KB

.data
Size: 30KB - Virtual size: 29KB

.pacdat
Size: 15KB - Virtual size: 14KB

.idat
Size: 11KB - Virtual size: 11KB

.rdata
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB