cea822cae43269ba65675226e767111b_JaffaCakes118

General

Target

cea822cae43269ba65675226e767111b_JaffaCakes118
Size

113KB
MD5

cea822cae43269ba65675226e767111b
SHA1

1bfcfc45f1af3c35e3126cbb05026103d93a0bf1
SHA256

fb3951269ce74964fa5b8316c51e3db3a67897ee943bb10a45192d373636cb86
SHA512

e05f6ddf6d196a32304dcb819b8bd198bdd2515d5fd15df83689b29beb88dfe2409b720745a68034cdff4bbe68d768e2797e68df160b80d06ad0e6f0be547b1d
SSDEEP

3072:dupapq64T2erITSCbKyPsCCYiXEY7/7Do4:dupapXm2kCSCbJsZXEi/f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cea822cae43269ba65675226e767111b_JaffaCakes118

Files

cea822cae43269ba65675226e767111b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0021a1527025cfee25c9c80c6716e396

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\dFUt\pbKJltlu\oNfZ\Iqwte\tmOdJ.pdb

Imports

kernel32

CancelWaitableTimer
EnumResourceLanguagesA
GetLongPathNameW
GetPriorityClass
LoadLibraryW
GetCurrentThreadId
lstrcmpiW
IsBadStringPtrW
ReleaseSemaphore
GetProcAddress
GetSystemTimeAsFileTime
GlobalUnlock
GetCommTimeouts

comctl32

ImageList_GetIcon
PropertySheetW
ImageList_Write

gdi32

CreateFontIndirectW
CreatePolygonRgn
AddFontResourceW
GetROP2
SetPixel
GetNearestPaletteIndex
TextOutW
SetViewportOrgEx
PtInRegion

user32

WaitMessage
MessageBoxW
GetWindow
CharPrevW
MonitorFromPoint
ShowScrollBar
CharUpperW
GetWindowLongW
MapVirtualKeyA
GetPropA
GetClassInfoW
UnionRect
SetMenuItemBitmaps

Exports

Exports

?nDasXvmjXeajvGgzU@@YGEE@Z
?gbuujryDddJp@@YGPAXPA_NK@Z
?uvncqurXqjd@@YGPAGHD@Z

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0021a1527025cfee25c9c80c6716e396

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

gdi32

user32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 73KB - Virtual size: 81KB

.edata Size: 512B - Virtual size: 166B

.crt Size: 14KB - Virtual size: 13KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 73KB - Virtual size: 81KB

.edata
Size: 512B - Virtual size: 166B

.crt
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB