db1612511dfa3712ac4060f84890c63d_JaffaCakes118

General

Target

db1612511dfa3712ac4060f84890c63d_JaffaCakes118
Size

189KB
MD5

db1612511dfa3712ac4060f84890c63d
SHA1

07c124c5a179ac8a26688e7df009a09e2e03d99f
SHA256

a5d715554d274504ab4de56e0dcb456da52b67dd9b7adcd0fbfa738a3d1b7873
SHA512

caa6c849f3ba67c083ff6447854e6147a80a7975bc0059d45312fa65b6dddb642161d634e0c0fb2c082a6a22af5f5b99785d45c32fadac80e8fc4ae82c577790
SSDEEP

3072:BmhsyWpC4yWuoc9GTWJU98HNR0jUMgR7WOwpSBOLSTTfOeoWC55XZN7ke1QKBo:GsJpC43yFUuHspghzOLSTTWdnXvIKBo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db1612511dfa3712ac4060f84890c63d_JaffaCakes118

Files

db1612511dfa3712ac4060f84890c63d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7afb693f2518be7dbcfc76fbb5c3582e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\mykaEgI\rsOoohkk\OavEGF.pdb

Imports

user32

CharUpperBuffA
GetClassInfoExW
IsDialogMessageA
GetForegroundWindow
GetScrollPos
SendDlgItemMessageA
DefDlgProcA
GetClassInfoExA
GetWindow
InSendMessage
GetWindowLongA
InflateRect

gdi32

CreateBrushIndirect
LPtoDP
GetFontData
SetROP2
Rectangle
GetNearestPaletteIndex
PolyBezier
TextOutA
ScaleWindowExtEx

kernel32

TlsGetValue
LeaveCriticalSection
LoadLibraryW
HeapWalk
LocalReAlloc
FoldStringW
GetProcAddress
lstrcmpiW
LCMapStringA
GetTempPathW
WinExec
GlobalAddAtomA
SearchPathW
IsValidLanguageGroup

comctl32

InitCommonControlsEx
ImageList_Write

Exports

Exports

?pjwyeDbzytauhKaqJf@@YGNDH@Z
?toWlJjyQJWaqcZzHtjd@@YGMIN@Z
?rmhaeqZhrthmububIKECp@@YGJPAH@Z

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7afb693f2518be7dbcfc76fbb5c3582e

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.idata Size: 1024B - Virtual size: 964B

.data Size: 152KB - Virtual size: 232KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 23KB

.idata
Size: 1024B - Virtual size: 964B

.data
Size: 152KB - Virtual size: 232KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 3KB