e1f8c40b070e15cc0ad926a728ef38b9_JaffaCakes118

General

Target

e1f8c40b070e15cc0ad926a728ef38b9_JaffaCakes118
Size

165KB
MD5

e1f8c40b070e15cc0ad926a728ef38b9
SHA1

4c54ddc5f7e65078b39b5e635d8e786c3c4350f6
SHA256

f17a3b44160476cf4f7024ebffb5c13b717fc6535e37f89b458d9d0058c112ec
SHA512

ff0fabe8e579f81a54df891fd68d12ee93bd12735d636ce608f76419e0fb30551b3143c13dc680d24ebb9f72a06271f55a499c3025e791f49a2e4ecf75e8caf8
SSDEEP

3072:hc2XQvvEL1cqShDwWJ3SH1FW/hQz0mos+pny4o+va1Jc3IjrJ7VlLans0iqZ7:hW3a1whDwWw2/hQz0Ps+Fy4Lvajc3cBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1f8c40b070e15cc0ad926a728ef38b9_JaffaCakes118

Files

e1f8c40b070e15cc0ad926a728ef38b9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb203326db3de82b9c4aad2353110254

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

M:\iBblgpih\Badu\jkwv.pdb

Imports

user32

MessageBoxA
EndDialog
FindWindowA
ActivateKeyboardLayout
CharUpperA
DialogBoxIndirectParamA
CopyImage
CreateWindowExA
LoadCursorA
DispatchMessageA
DefFrameProcA
CharUpperW
GetDlgItemTextA
CharNextW

comdlg32

GetOpenFileNameA
GetSaveFileNameW
ReplaceTextW
ChooseColorW

kernel32

GetFileType
UnlockFile
GetSystemTimeAsFileTime
GetThreadPriority
SetThreadPriority
OpenEventA
CreateFileA
GetWindowsDirectoryW
GetModuleHandleW
GetNumberFormatA
GetProcAddress
lstrcmpiW
SuspendThread
MapViewOfFile

gdi32

WidenPath
CombineRgn
UnrealizeObject
GetClipBox
CreateRoundRectRgn
GetBitmapBits
GetStockObject
CreateCompatibleBitmap

Exports

Exports

?yxkbUpa@@YGPAXMH@Z
?spJdVYhgUkb@@YGPAH_N@Z
?wuGQacjKsdun@@YGFPAF@Z
?qpXwgyxPaZgjc@@YGDE@Z
?GofzyszeyDXwgYCCgaRj@@YGJPAE@Z

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 827B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb203326db3de82b9c4aad2353110254

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 1024B - Virtual size: 827B

.data Size: 4KB - Virtual size: 96KB

.crt Size: 10KB - Virtual size: 10KB

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 1024B - Virtual size: 827B

.data
Size: 4KB - Virtual size: 96KB

.crt
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 2KB - Virtual size: 1KB