e9767a5aca08955df6c95ab333208788_JaffaCakes118

General

Target

e9767a5aca08955df6c95ab333208788_JaffaCakes118
Size

52KB
MD5

e9767a5aca08955df6c95ab333208788
SHA1

5868ab1126c908266194bde8613e1204d2461c42
SHA256

ba29405deac8ab945d13b9dbe3d21277db5d7d3758aaaaf4817adf623c4e0a81
SHA512

e7a0568ee3879047a6577da9bb59bdff7b9dd643a19652554f8b8480431a680542801df0abde0b650df695543c46e084e7e4aba1be914898374c323fd2ea5997
SSDEEP

1536:ZdzZOqsZ5MB3H4RkijXntfFqiRl7huKrw:vz3YAH4R7jdfFTRb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9767a5aca08955df6c95ab333208788_JaffaCakes118

Files

e9767a5aca08955df6c95ab333208788_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5ff9188a53bff1ade11496a69b6709af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\wIzke\wJZJhas\oMnRwofo\Orjsq\cneAcuE.pdb

Imports

gdi32

PatBlt
LineDDA
GetTextExtentExPointW
GetPixel
LPtoDP
GetMapMode
TextOutW
Ellipse

kernel32

FormatMessageW
HeapSize
GetCurrentThreadId
VirtualAlloc
GetSystemWindowsDirectoryA
GetUserDefaultUILanguage
SetCommMask
SetSystemTimeAdjustment
ReadFile
lstrlenA
CompareStringA
SetFileAttributesW
CreateMailslotW

comdlg32

ChooseColorW
FindTextW
GetOpenFileNameA

user32

SendDlgItemMessageW
MessageBoxExA
wsprintfA
TranslateAcceleratorA
LoadCursorA
DrawEdge
DeleteMenu
TrackPopupMenuEx
GetMonitorInfoW
keybd_event
GetUpdateRect
LookupIconIdFromDirectory
SetMenuItemInfoW

comctl32

PropertySheetA
ImageList_Remove

Exports

Exports

?iupfbujefkbmltmBWN@@YGXI@Z
?ubVtkIjva@@YGPAMG@Z
?kFkjcnagBjQff@@YGGPAKI@Z
?guftgmjYEyqwfaUupoRp@@YGII@Z
?gnaoZfzrfpsyiSbfpako@@YGFI@Z
?jfFiiknb@@YGHPAJ@Z

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ff9188a53bff1ade11496a69b6709af

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

kernel32

comdlg32

user32

comctl32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 1024B

.data Size: 7KB - Virtual size: 203KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 1024B

.data
Size: 7KB - Virtual size: 203KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 1KB - Virtual size: 1KB