db24567c7cd26a57b33992292a4f1221_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db24567c7cd26a57b33992292a4f1221_JaffaCakes118
Size

69KB
MD5

db24567c7cd26a57b33992292a4f1221
SHA1

1c9900378a6954577bbb556aafc705deaca85cb4
SHA256

5b1c8ee922127b819cf88c9c23be7027a8baaf71b979c1d267f80fc238b01412
SHA512

80ab7cc9d0e03481bad1e2586e7cd827d8adc1603e29938867873f30842b2a7e1c6e16d846a4e8c6f8e7d52dcedc79e890d484f92f0863355710887f9905f772
SSDEEP

1536:6gJOI3/b9ooL68um/EmFSOzDv0V4wROiYtr:zbtNu2EmFuiv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db24567c7cd26a57b33992292a4f1221_JaffaCakes118

Files

db24567c7cd26a57b33992292a4f1221_JaffaCakes118
.exe windows:5 windows x86 arch:x86

18fea96c7405307a1ccedc023b9b6f1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowW
SetUserObjectInformationW
GetCaretBlinkTime
GetClassInfoA
AdjustWindowRect
GetKeyboardType
LoadAcceleratorsW
LookupIconIdFromDirectory
CopyImage
DestroyMenu
GetMenu
CharToOemW
GetClassInfoExA

gdi32

CreateRectRgn
SetBrushOrgEx
Escape
CreatePenIndirect
GetTextColor
RemoveFontResourceW
ScaleWindowExtEx
GetTextAlign
DeleteObject

kernel32

SetErrorMode
SetConsoleCP
GetFileAttributesExW
GlobalFree
GetComputerNameW
ResetEvent
SetThreadContext
lstrlenW
GetModuleHandleA
GetStdHandle
QueryDosDeviceW
CreateRemoteThread
GetOEMCP
GetExitCodeProcess
GetCommModemStatus

shlwapi

PathFindFileNameW
StrCatW
PathBuildRootW

Exports

Exports

_ZOshrmNx_qbclggcl@4
_Veuzlgkk_zcjalpj_Sru@8
_VkHczgrk_uwassuzud_k@4
_XdheHuikx_dTiwc@16
_DlTphufr_uwmvdn@16

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18fea96c7405307a1ccedc023b9b6f1c

Headers

File Characteristics

Imports

user32

gdi32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 4KB

.xdata Size: 14KB - Virtual size: 14KB

.pdata Size: 18KB - Virtual size: 90KB

.edata Size: 2KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 4KB

.xdata
Size: 14KB - Virtual size: 14KB

.pdata
Size: 18KB - Virtual size: 90KB

.edata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 3KB