e0b36f532a243b7f4bba9d4b52760b66_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e0b36f532a243b7f4bba9d4b52760b66_JaffaCakes118
Size

213KB
MD5

e0b36f532a243b7f4bba9d4b52760b66
SHA1

71591d8a22df4e17f7f2e475f1b24e88bca3e6e1
SHA256

f9e47bdb8e932489fa9eb1e14d7be89b762acf468b1e6f9d6c29fdf0e87904b5
SHA512

9094e70ccd06d82fe0925c834e578eab2fc17a2c356af7d42ac74287e544386dfb5efa80b427e147912efaebc7bc978aa1dab016f9cfb0dd0ff118679a94ba78
SSDEEP

6144:F9NdZDE0DftAcf1WTMhl0WSHBUKdhctYU:F9TDfuSHhiBPdhcF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0b36f532a243b7f4bba9d4b52760b66_JaffaCakes118

Files

e0b36f532a243b7f4bba9d4b52760b66_JaffaCakes118
.exe windows:5 windows x86 arch:x86

228621f171e4a189d9b3612dd957c845

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

P:\grDhvccO\kQfxzGWL\arOgm.pdb

Imports

gdi32

ResizePalette
CreateFontA
SetWindowExtEx
TranslateCharsetInfo
IntersectClipRect
GetBitmapBits
CreateRectRgnIndirect
GetTextMetricsW
SetROP2
SetStretchBltMode
CreateICW
GetNearestColor
SelectPalette

kernel32

Sleep
PulseEvent
AddAtomA
GetComputerNameW
GetOverlappedResult
FindFirstFileW
TryEnterCriticalSection
ConnectNamedPipe
GetProcAddress
HeapCreate
SetSystemTimeAdjustment
SetupComm
OpenEventA
ClearCommError

comctl32

ImageList_Create
CreateToolbarEx
CreatePropertySheetPageA

ole32

OleUninitialize
OleInitialize

user32

HiliteMenuItem
GetMenuItemRect
SendInput
SetClassLongW
SendDlgItemMessageA
MessageBoxExW
IsRectEmpty
WaitMessage
CharUpperW
RegisterClassExA
GetMenuStringW
DeferWindowPos
LoadIconW
ToUnicodeEx
DefFrameProcW
CharToOemA
DrawIconEx
GetSystemMenu
EnumThreadWindows
EnableWindow
GetDlgItemTextA
ShowCaret
DestroyAcceleratorTable
CheckDlgButton
SetCursor
MapDialogRect
GetScrollInfo
LoadAcceleratorsA

Exports

Exports

?_UTKB_Unkayxxtq@@YGPANEH@Z
?__kpu_tvhr___XE__ejarg@@YGKJD@Z
?SSRS___Pdm_i@@YGPAHJ@Z
?zmdnp_auNLAYHN_@@YGPAXPAN@Z
?gg___mxuompoQ_WJXW_@@YGKPAGPA_N@Z
?GLQWLXy@@YGPAGG@Z
?OFFKu_hd@@YGGFM@Z
?_rnkmviuuq_elbp_ob_LE@@YGPADMPAD@Z
?b_tJUPVQplYUjzx_fm_@@YGPAHPAF@Z
?v_tfVhWZ_@@YGXPA_NPAD@Z
?TG_Y__VIl__z@@YGPAJPAMF@Z
?wcqmbnehwtaiC_KNSFRx@@YGJEE@Z

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 11KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

228621f171e4a189d9b3612dd957c845

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

comctl32

ole32

user32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 32KB - Virtual size: 32KB

.mdata Size: 11KB - Virtual size: 170KB

.data Size: 34KB - Virtual size: 34KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 32KB - Virtual size: 32KB

.mdata
Size: 11KB - Virtual size: 170KB

.data
Size: 34KB - Virtual size: 34KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB