c9693f2bf6b4e73db699444fb4119015_JaffaCakes118

General

Target

c9693f2bf6b4e73db699444fb4119015_JaffaCakes118
Size

55KB
MD5

c9693f2bf6b4e73db699444fb4119015
SHA1

a333aacc3fb3a2c6327e67d97eb74771c2674179
SHA256

4fb36b0ce42ae911e76516274822e6d710f409f177531d48112fd64d5256c849
SHA512

5336abaeaa864c21957e764d2c35f4443596b2b11e6965eb57818da732bcc85258e1b5b553213b38382d8fd7cba034d79a90e36644e56739435a94668f865c67
SSDEEP

768:8jaCcPMvTpmpZ4VlMEyrIyR+DavcOtVOGplqxqlujLNE3w42PBYYbK0bCz:8VcUv6Z0MFI++OUDNqIK9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9693f2bf6b4e73db699444fb4119015_JaffaCakes118

Files

c9693f2bf6b4e73db699444fb4119015_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ca7e27dba48fa67fd61999b4d06ab9a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\nolnwwG\ylhyeqzt\zKqH\ikJclc\eecy.pdb

Imports

user32

IsWindowEnabled
KillTimer
MonitorFromPoint
InternalGetWindowText
PtInRect
DestroyIcon
IntersectRect
CharLowerBuffW
GetMenuStringW
CascadeWindows
TranslateAcceleratorA
DialogBoxParamW
SendNotifyMessageW

comctl32

ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Destroy

gdi32

CreateCompatibleDC
CreateDCW
GetDeviceCaps
GetTextFaceW
GetROP2
GetTextExtentPointA

kernel32

WaitForSingleObject
GetFileTime
SetErrorMode
GetOEMCP
MoveFileW
lstrcmpA
lstrcpynW
lstrcmpiA
lstrlenA
GetTickCount
TlsFree
GetExitCodeThread

Exports

Exports

?_YthyjofyOcDwl@@YGMED@Z
?IyyffsD@@YGDMJ@Z
?Khaepqsgdvtyaunhhfjezb@@YGHGPAG@Z
?PtKeadfdochywyexU@@YGM_NK@Z
?UwZfhuLw@@YGEDG@Z
?NtqRrljusftohiopFqutdh@@YGPAGHM@Z

Sections

.itext
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca7e27dba48fa67fd61999b4d06ab9a3

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

kernel32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 152B

.text Size: 23KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 1KB - Virtual size: 1KB

.itext
Size: 512B - Virtual size: 152B

.text
Size: 23KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 1KB - Virtual size: 1KB