e9feb793e6bed928984a29ded311b5e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e9feb793e6bed928984a29ded311b5e1_JaffaCakes118
Size

116KB
MD5

e9feb793e6bed928984a29ded311b5e1
SHA1

4fe320e65f25a4ad098c89cbc30b5dce3b21599f
SHA256

272813ab2618087fe42be7ced666f55a25e483830cc0af4f08baa13234ca5d35
SHA512

f2cfde712310da55b567cf59bd80410539cd9a7b6f2b6cf61707ca8efbc6c643e96fe3f8e0d990b2d381dc4a4fcb7bded4a8efba593929c3964b39b33aad35c6
SSDEEP

3072:GqW7+/kxqU1IFuf6Z3dwqfErx2LRCvdtYhwpxpN:GqW7+G1IFufG6qfagRCvdtb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9feb793e6bed928984a29ded311b5e1_JaffaCakes118

Files

e9feb793e6bed928984a29ded311b5e1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3bfe0a68f3f5ca4b6eaff535aa77cbc2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

G:\vnLr\NrFc\iudnsfq\jSkmhl\mnwc.pdb

Imports

comctl32

ImageList_Draw
ImageList_Read
ImageList_GetImageCount
ImageList_Destroy
CreateToolbarEx

kernel32

IsBadCodePtr
FindNextChangeNotification
SetFileApisToOEM
GetFileTime
DisconnectNamedPipe
lstrcatW
GetCommConfig
SetCurrentDirectoryA
GetLocaleInfoA
FindResourceW
EnumSystemLocalesA
AddAtomW
GetExitCodeThread
SetThreadPriority
GetStdHandle
OpenEventA

user32

RegisterWindowMessageW
IsWindowVisible
GetMenuItemID
CallWindowProcA
CharNextW
CharLowerA
GetClassInfoW
EqualRect
GetCapture
GetSysColorBrush
CheckMenuRadioItem
DrawMenuBar
DeferWindowPos
GetSystemMetrics
GetMenuItemRect
GetForegroundWindow
SystemParametersInfoW
ClientToScreen
GetMenuItemCount
GetDlgItemTextW
DialogBoxParamW
AllowSetForegroundWindow
GetMenuState
SetMenuItemInfoW
SetTimer
GetClassLongA
CharLowerBuffW
SetLastErrorEx
InternalGetWindowText
GetCaretPos
BringWindowToTop
SetWindowLongW

gdi32

CreateBitmapIndirect
DeleteDC
ScaleViewportExtEx
ResizePalette
GetObjectW
CreateHatchBrush
RestoreDC
SetWindowExtEx
PtInRegion
CreatePalette
ExtFloodFill
LineDDA
GetClipBox
DeleteObject

comdlg32

CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameW

Exports

Exports

?_OpenDesktopA@@YGXEHPAD@Z

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bfe0a68f3f5ca4b6eaff535aa77cbc2

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: - Virtual size: 132KB

.data Size: 25KB - Virtual size: 24KB

.pdata Size: 23KB - Virtual size: 22KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: - Virtual size: 132KB

.data
Size: 25KB - Virtual size: 24KB

.pdata
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1KB - Virtual size: 1KB