ddebfa7b5363881c905928597d4d8fcc_JaffaCakes118

General

Target

ddebfa7b5363881c905928597d4d8fcc_JaffaCakes118
Size

147KB
MD5

ddebfa7b5363881c905928597d4d8fcc
SHA1

8d7bba86f300c8ef88f5469374c7b308a403432c
SHA256

6ee7f76d31c830e0e177fb11d330f6e4f9ad86039bb59205effbf55fdcf074b1
SHA512

3d0bb17f4bdd138bb37cf923e151d3418880e4c376227b92bab76cc285458d1f659dfaa64a04af15c0306172742047f0e78aa9d10660e0bd5ce926990359b15e
SSDEEP

3072:+nN3Ws1oDIHbet6XDutFkc+NoAUjVPNb3:+QsuDCt8DjF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddebfa7b5363881c905928597d4d8fcc_JaffaCakes118

Files

ddebfa7b5363881c905928597d4d8fcc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

42b39106d19c5c8b3958ea9a814b2406

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\bwmxp\oyLqDC\twACx\gylptV.pdb

Imports

kernel32

GetComputerNameExW
VirtualAlloc
ReleaseSemaphore
TlsGetValue
SetCommTimeouts
LocalUnlock
IsBadReadPtr
CreateDirectoryW
SetSystemTime
GetACP
LCMapStringA
lstrlenW
WaitForSingleObject
GetThreadPriority

shlwapi

StrCatBuffW

user32

DrawIconEx
wsprintfW
MessageBoxA
GetWindowTextLengthA
GetMenuState
CreateWindowExW
EnableWindow
HideCaret
LoadImageA
RemovePropW
ShowScrollBar
mouse_event
DeleteMenu
IsCharAlphaNumericW
GetMenuDefaultItem

gdi32

SelectClipRgn
CreatePen
GetViewportOrgEx
CreateFontIndirectW
AddFontResourceW
Polygon
GetTextColor
GetDIBColorTable
WidenPath

Exports

Exports

?tTxtXnTsxliccSjmQfH@@YGDPAEJ@Z
?schJlpmyBqjidsijg@@YGEJ@Z
?dQayNbjSohwiu@@YGPAX_NG@Z

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42b39106d19c5c8b3958ea9a814b2406

Headers

File Characteristics

PDB Paths

Imports

kernel32

shlwapi

user32

gdi32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 30KB

.idata Size: 1024B - Virtual size: 1000B

.edata Size: 1024B - Virtual size: 1024B

.data Size: 5KB - Virtual size: 249KB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 30KB - Virtual size: 30KB

.idata
Size: 1024B - Virtual size: 1000B

.edata
Size: 1024B - Virtual size: 1024B

.data
Size: 5KB - Virtual size: 249KB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 4KB - Virtual size: 4KB