d5579570120859f2c2231b24061c87e5_JaffaCakes118

General

Target

d5579570120859f2c2231b24061c87e5_JaffaCakes118
Size

181KB
MD5

d5579570120859f2c2231b24061c87e5
SHA1

5de02154eb542fd57594cf7095dd8dd966d4f5a9
SHA256

3118e650d5e381d4eacf8e70bc5dfc50c1e3956241b9ac7dee7807e28638eb85
SHA512

f243b37cb7d3332c1b9f17de40f11fe2df2cdf5dd073d02eb0eecf2821e106ba20a6c37970bd94eb81b686a6f5aa21cf35eb62a114409d28e9b187a0bd2d4c1f
SSDEEP

3072:8y3z5GwlbCfJ92ABsg9VrPBQv6ZhZMVAK39iokc6hAlq82LIxe99li/pEsDy:8y3dFCfL2ABsUrPBa6ZhZMVAKtJq82Lp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5579570120859f2c2231b24061c87e5_JaffaCakes118

Files

d5579570120859f2c2231b24061c87e5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c9d7baa52229200296fb3ea81878e0c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\toJiIvoo\usebrv\rvZtp\gjoupm.pdb

Imports

user32

SetCursorPos
GetWindowLongW
GetScrollPos
ShowCursor
DrawStateA
DispatchMessageA
SetWindowTextW
LoadIconW
RegisterClassW
GetMenuStringW
GetWindow
SetWindowRgn

gdi32

GetTextMetricsW
DPtoLP
GetMapMode
StartDocW
SetViewportExtEx
FillRgn
CreateRectRgn
GetSystemPaletteUse

kernel32

GlobalFree
GetLocaleInfoA
OpenFile
TerminateThread
GetProcAddress
lstrlenW
GetBinaryTypeW
DeleteFileA
TransactNamedPipe
lstrcmpiA
GetModuleHandleW
GetLocaleInfoW
GetUserDefaultLCID
SetFilePointer

ntdll

_aullrem

comctl32

ImageList_Draw
ImageList_Create
PropertySheetW

Exports

Exports

?nqdNuvRoadzoYpJoRVDe@@YGFPAHG@Z
?naaontrrfzeatGzaTszy@@YGII@Z

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9d7baa52229200296fb3ea81878e0c3

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

ntdll

comctl32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 25KB

.data Size: 142KB - Virtual size: 210KB

.edata Size: 512B - Virtual size: 140B

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 25KB - Virtual size: 25KB

.data
Size: 142KB - Virtual size: 210KB

.edata
Size: 512B - Virtual size: 140B

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB