ce0392dfeb86f6d60ff980a9c844ab8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce0392dfeb86f6d60ff980a9c844ab8e_JaffaCakes118
Size

199KB
MD5

ce0392dfeb86f6d60ff980a9c844ab8e
SHA1

44e6d18346c0c1503e76b174ce85e79d83e4486b
SHA256

41b66c32712bbeda8f8ff25bbc6b9d4d2e2197b47f67956f0cd58245bf1846ce
SHA512

b53fae0ce9b9a97bf915ec3c572fc05e02c3ea583c0ecca5cf1e49c0c45ab84819d2be0c3b9504f398c8be134c9abca6bff9d350e9de630734b94bc104a5169b
SSDEEP

3072:+JzXAiNA6pUnPJ73/NB/AQT8mIE9TSxrNWQdCha75DXaAiSoBL4O1:+xAkbaJ7PNtXTxiNFv7x/nB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce0392dfeb86f6d60ff980a9c844ab8e_JaffaCakes118

Files

ce0392dfeb86f6d60ff980a9c844ab8e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2b7f8593bef23ff526113ed32555c7ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\eScbxaar\eLRt\ysjqGieu\iveitqt\xGxeliim.pdb

Imports

gdi32

Polyline
GetPixel
GetTextExtentPointW
WidenPath
GetWindowOrgEx
GetTextMetricsA
GetDIBColorTable

user32

GetKeyState
DialogBoxParamW
GetCaretBlinkTime
SwitchToThisWindow
RegisterClassW
GetForegroundWindow
MapVirtualKeyExA
GetMessagePos
SetMenuItemBitmaps
TranslateAcceleratorW
VkKeyScanW
GetFocus
DestroyIcon
GetMessageExtraInfo

comctl32

ImageList_Draw
PropertySheetW
CreateStatusWindowW
ImageList_GetIconSize

shlwapi

ChrCmpIW
PathRemoveArgsW

kernel32

GetFileType
FindCloseChangeNotification
AddAtomW
RemoveDirectoryA
SizeofResource
GlobalAlloc
VirtualFree
GetCommTimeouts
OpenMutexW
GlobalFlags
CancelWaitableTimer
GetShortPathNameA

Exports

Exports

?mdplxDHxeQRfEqD@@YGMI@Z
?xtxttibPwovF@@YGEJ@Z
?phaqFbmtxoCcahDj@@YGPADPA_NH@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b7f8593bef23ff526113ed32555c7ea

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comctl32

shlwapi

kernel32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 512B

.text Size: 38KB - Virtual size: 38KB

.data Size: 51KB - Virtual size: 119KB

.edata Size: 24KB - Virtual size: 24KB

.rdata Size: 76KB - Virtual size: 76KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.itext
Size: 512B - Virtual size: 512B

.text
Size: 38KB - Virtual size: 38KB

.data
Size: 51KB - Virtual size: 119KB

.edata
Size: 24KB - Virtual size: 24KB

.rdata
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB