c88d9816d8f68d12f476e7f5d1b206fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c88d9816d8f68d12f476e7f5d1b206fe_JaffaCakes118
Size

145KB
MD5

c88d9816d8f68d12f476e7f5d1b206fe
SHA1

723188c236f629e9d9cf115096f847f57daa5fbd
SHA256

5b995a0344cd7e541858b1c1aee8593c15bdb8fd9f4273d32586fcb007b5b73c
SHA512

7504baa6fc0a33a120c49a412ad378a5d0d6e644897fe95ee51aa16c1e07ba82ee6409bb35e0f913c30cbab120aa75d6263c7aad69da1e0221ea1639f923160b
SSDEEP

3072:GT8kq47UDo8daQbOP4zcgPhDb/r2aMr45nNuMt8oZR:GTtADo8tb4Mceb/rpMrANZH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c88d9816d8f68d12f476e7f5d1b206fe_JaffaCakes118

Files

c88d9816d8f68d12f476e7f5d1b206fe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

acb817f05f3a4c79459a19654ce3c8de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\ejfpDb\pguoaz\siugXqp.pdb

Imports

gdi32

GetDIBColorTable
OffsetRgn
SetAbortProc
GetTextMetricsA
AddFontResourceW
SetRectRgn
RectInRegion
GetStockObject
RoundRect
DeleteObject
CombineRgn
RestoreDC
StartPage

kernel32

FindNextFileW
SetLocalTime
GetBinaryTypeW
EnumResourceNamesA
lstrcpyW
LocalReAlloc
GetCommTimeouts
lstrcatA
lstrcmpiW
GetComputerNameExA
lstrlenW
SetHandleInformation
GetThreadContext
GetCommandLineW
CreateEventW
lstrcpynW
GetLocalTime
CompareStringA

shlwapi

UrlUnescapeA
StrToIntA
PathMakePrettyW
StrSpnA

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameA
GetSaveFileNameA

user32

GetScrollPos
CreateIconIndirect
CharToOemW
SetScrollInfo
MapVirtualKeyA
mouse_event
DestroyCaret
GetForegroundWindow
FillRect
SetActiveWindow
SetPropW
SetDlgItemTextA
GetDC
CopyImage
DrawEdge
CascadeWindows
SetWindowLongW
AllowSetForegroundWindow
HideCaret
IsWindowEnabled
DrawMenuBar
ChildWindowFromPointEx
SetScrollRange
InSendMessageEx
LoadCursorA
IsRectEmpty
DefWindowProcA
PostThreadMessageW
EqualRect

Exports

Exports

?g__j_ujg_c_xb@@YGXNPAM@Z
?qDSjIHZ@@YGXF@Z
?_GxbjSPQ_UBoewTQ@@YGPAEPAG@Z
?_lea_XV@@YGIN@Z
?Rmtxptbsntc@@YGIMPAE@Z
?hctdbRTXL_auU@@YGXIPAM@Z

Sections

.text
Size: 53KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acb817f05f3a4c79459a19654ce3c8de

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

shlwapi

comdlg32

user32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 212KB

.data Size: 36KB - Virtual size: 36KB

.xdata Size: 31KB - Virtual size: 31KB

.rdata Size: 16KB - Virtual size: 15KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 212KB

.data
Size: 36KB - Virtual size: 36KB

.xdata
Size: 31KB - Virtual size: 31KB

.rdata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB