debb6fd6d4b1ad05f87a7799fb199ef8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

debb6fd6d4b1ad05f87a7799fb199ef8_JaffaCakes118
Size

144KB
MD5

debb6fd6d4b1ad05f87a7799fb199ef8
SHA1

cc0d83acc15c36ab4daba58a9909f14644f75607
SHA256

8cf5d2924e4f1f06fe085d91bc69f4c8e37e67b20b5febedc7b6b69730027fab
SHA512

398ac0028b6f52f0cdf56488fc97a40188006accbc7a6c6da7b175c93e48a74f94d43947acb9130503432c37e36437d62af8dfe01806d64832a289acd6b95345
SSDEEP

1536:CNuf/WHodfNO5L56mUFqhv4s/bm8rXlIoodQoIrkJ:bf++oI/FkvD/bDhIFar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
debb6fd6d4b1ad05f87a7799fb199ef8_JaffaCakes118

Files

debb6fd6d4b1ad05f87a7799fb199ef8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c4fd46c8da4d7e0eb0b17f0c0d79c632

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
RemovePropW
LoadCursorW
GrayStringW
GetWindow
GetSystemMetrics
InSendMessage
GetWindowContextHelpId
CreateAcceleratorTableW
CreateDialogIndirectParamW
GetParent

shlwapi

PathRemoveFileSpecW
ChrCmpIW
PathCanonicalizeW
PathCommonPrefixW
StrIsIntlEqualA

comdlg32

ReplaceTextW
FindTextW
ChooseFontW
ChooseColorW

kernel32

SetFilePointer
LoadLibraryExW
IsBadWritePtr
SetThreadPriority
OpenSemaphoreW
ExitProcess
GetModuleHandleExW
FreeResource

ntdll

memset

gdi32

ExtTextOutA
RoundRect
GetBitmapBits
Polyline
GetTextExtentPoint32A
TextOutA

Exports

Exports

?uekaSpkkvluJJr@@YGPAHFG@Z
?zyuCudacMRYoRK@@YGPAG_ND@Z

Sections

.text
Size: 164B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4fd46c8da4d7e0eb0b17f0c0d79c632

Headers

File Characteristics

Imports

user32

shlwapi

comdlg32

kernel32

ntdll

gdi32

Exports

Exports

Sections

.text Size: 164B - Virtual size: 164B

.data Size: 68KB - Virtual size: 68KB

.code Size: 24KB - Virtual size: 24KB

.edata Size: 128B - Virtual size: 128B

.rdata Size: 19KB - Virtual size: 19KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 164B - Virtual size: 164B

.data
Size: 68KB - Virtual size: 68KB

.code
Size: 24KB - Virtual size: 24KB

.edata
Size: 128B - Virtual size: 128B

.rdata
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB