cfc0315621108c0982a1e11c0a9a900b_JaffaCakes118 | Triage

Sharing

General

Target

cfc0315621108c0982a1e11c0a9a900b_JaffaCakes118
Size

46KB
MD5

cfc0315621108c0982a1e11c0a9a900b
SHA1

28b3e20628547837fd8d6d57b8791823c46fbac7
SHA256

226b7441e73ee322788f6b105eb2a3240f3fad57562ddf2429516c16d1752af0
SHA512

a9d7ed57d9d04e6e8f5f242ad793e0e8e03e4df696ab0eb5ed661179a02389fcc07738426b8ec86eb6794d48ee884971b8abe10cacfaddf7f5abb8768ebedce1
SSDEEP

768:BG2WZy73d2Uz84vBKIly7DpPOd9ADwTnndLZV8NLZtN:JWY7NP84vofROd9ADwznJZG1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfc0315621108c0982a1e11c0a9a900b_JaffaCakes118

Files

cfc0315621108c0982a1e11c0a9a900b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5de0961f4705ed9a4b17ba7246a8da63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\jndgflw\lgZqtE\Nsypdl\wFeu.pdb

Imports

kernel32

GlobalAlloc
GetStartupInfoW
InitializeCriticalSection
SetEvent
RegisterWaitForSingleObject
SetLastError
GlobalUnlock
lstrlenW
CreateEventW
GetModuleHandleA
IsBadCodePtr
SuspendThread
lstrcatW

comdlg32

PageSetupDlgW
FindTextW
ChooseFontW

gdi32

PathToRegion
GetPixel
CreateRoundRectRgn
CreateHatchBrush
SetWindowOrgEx
SaveDC
CreateDCW
GetTextFaceW
OffsetRgn

comctl32

CreateToolbarEx
InitCommonControlsEx
ImageList_Create

user32

HideCaret
IsCharAlphaA
CreateCursor
RemoveMenu
DestroyWindow
GetMessageW
GetDlgItemTextA
DeleteMenu
GetKeyState
GetMenuItemCount
wsprintfW
GetMonitorInfoW
GetShellWindow
FillRect

Exports

Exports

?pMtatth@@YGEKG@Z
?rfvsLUt@@YGPAJJ@Z
?BbdrugSd@@YGXPAK@Z
?tFoItdiLumuxiDuFQeWs@@YGPAMK@Z
?dMYxUlt@@YGPAGPAF@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ