d08b68319999edeb3aafb2a7875aef6d_JaffaCakes118

General

Target

d08b68319999edeb3aafb2a7875aef6d_JaffaCakes118
Size

184KB
MD5

d08b68319999edeb3aafb2a7875aef6d
SHA1

a360277337f4d5feae3e80b81fd23844217393de
SHA256

e09a7477809ee115f45db56dca73331cca2fb06050bb5ab22283e6ce5f06019a
SHA512

8110c762f98b8d51a9bf7a50c397c80a8d9cf1c3252afc0e920a2e74b65f7b1119ea4c15a6bf8e800579670e5055c00f6bbcfd115ca9c742268c67a3ad53ae7e
SSDEEP

3072:OhnqGUlgqD7byPvytOpwBMzpGQsijNpy2hROrtq/GSl8XMJe30ual:RRllD7vAtX7yqRStuG9MY3PM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d08b68319999edeb3aafb2a7875aef6d_JaffaCakes118

Files

d08b68319999edeb3aafb2a7875aef6d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

44abcad3e82da103440b1e17fdb1815c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\utqZeGev\WvFx\gaivqhMt\osypsz\jGocCqjj.pdb

Imports

kernel32

DuplicateHandle
lstrlenW
GetProcAddress
GetUserDefaultLangID
GetFullPathNameA
GlobalAddAtomW
LockResource
GetLongPathNameW
GetModuleHandleW
GetUserDefaultUILanguage
GetTickCount
lstrcmpW
SizeofResource

comctl32

ImageList_Create
ImageList_Read

gdi32

GetTextAlign
CreateCompatibleBitmap
SetWindowExtEx
CreatePenIndirect
GetSystemPaletteEntries
CreatePen
GetCharWidth32W
GetNearestColor

user32

IsDlgButtonChecked
WindowFromDC
TranslateMessage
LoadCursorW
GetMenuStringA
GetDC
CascadeWindows
GetClipCursor
SendMessageTimeoutW
OpenIcon
SendMessageA
LoadImageW
IsDialogMessageA

Exports

Exports

?thXoylpwkdyNmDQtztgjW@@YGXPAMPAK@Z
?bcqdIyIsVdCAis@@YGMH@Z
?oQowpeyPcGN@@YGMD@Z
?mrxroBzy@@YGMFPAG@Z
?XjyeEUkzRLzteNmMzp@@YGPAXJN@Z

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44abcad3e82da103440b1e17fdb1815c

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

gdi32

user32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 144KB - Virtual size: 144KB

.crt Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 240B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 144KB - Virtual size: 144KB

.crt
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 240B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB