d5cd42d7e7a6050fa926c15f5e509ba8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5cd42d7e7a6050fa926c15f5e509ba8_JaffaCakes118
Size

158KB
MD5

d5cd42d7e7a6050fa926c15f5e509ba8
SHA1

102754fe04b5da6250e0f5cf11b7fa6637dfe1cd
SHA256

4117ce32b398603a70f1b9bed706e4c7846b42345ebb953cdfef74189b03c86c
SHA512

432b2e216fde00b4475b1ee83f597ac83d91e3d4b9628dd4381056ef3c51e620fee977215fb9f2fd1937e428d1b28ba4ceccd56dea037388b8ca722ccc8c5c07
SSDEEP

3072:1Az/1UF0iBwlNxR9e7SxiI/D06Js2mjza5GjTYmpf2ac0h76B:1AzdUFXwlbRVj/vJVcUYh7p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5cd42d7e7a6050fa926c15f5e509ba8_JaffaCakes118

Files

d5cd42d7e7a6050fa926c15f5e509ba8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ac8d4e1e3caf1d22acdcbde656c3914

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\mDooFtxbo\TomXGhOrntls\BiygqSspbigcl\SLxzLtsOOFhpFd.pdb

Imports

user32

GetForegroundWindow
GetActiveWindow
GetMenuState
GetTopWindow
FindWindowA

gdi32

GetTextFaceW
TextOutW
CreateEllipticRgnIndirect
EndDoc
SetTextColor
SetDIBits
CreateICW
SaveDC
GetMapMode
CreateDIBSection
GetObjectA

kernel32

MoveFileW
MoveFileA
AddAtomW
LoadLibraryA
MoveFileExW
CreateEventW
WaitForMultipleObjectsEx
RaiseException
VerSetConditionMask
CancelWaitableTimer
lstrcmpiA
GetOEMCP
CompareFileTime
TlsSetValue

Exports

Exports

?ToBindabl

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dtr
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nhb
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nbm
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ioi
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ac8d4e1e3caf1d22acdcbde656c3914

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 147KB - Virtual size: 147KB

.dtr Size: 512B - Virtual size: 32B

.nhb Size: 512B - Virtual size: 32B

.nbm Size: 512B - Virtual size: 32B

.ioi Size: 512B - Virtual size: 105B

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 147KB - Virtual size: 147KB

.dtr
Size: 512B - Virtual size: 32B

.nhb
Size: 512B - Virtual size: 32B

.nbm
Size: 512B - Virtual size: 32B

.ioi
Size: 512B - Virtual size: 105B

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 1KB