ebb1b8a0b302f5682e87a9670fafa4d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebb1b8a0b302f5682e87a9670fafa4d1_JaffaCakes118
Size

126KB
MD5

ebb1b8a0b302f5682e87a9670fafa4d1
SHA1

5d0ff1d49e45862f2ede07040811552c5c5c8fa6
SHA256

2033d3fcb6f35ad7043795a52dcbac648bef3a00427a662293bc21b377fb8781
SHA512

24f0a9d84ed78bbbc6f4902ac77b2bb4cdddc09ce1bb90c39b28d23e1564c3a866b8cb60614e76c88f1506a4986cea27ff51ab56375f2eed21277b856ba9c028
SSDEEP

3072:728ojus4YIZZeHdLKa6lFuYCnHtAOzLk6s8XbrNWfkQ2uqTl6:C8oKsaO9LujkbzLk0XnN+kQ2zl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebb1b8a0b302f5682e87a9670fafa4d1_JaffaCakes118

Files

ebb1b8a0b302f5682e87a9670fafa4d1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b28d2b613d8096deb389e3ceb697a782

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\uaklim\ybxza\vhWmngom.pdb

Imports

kernel32

GetStartupInfoW
lstrlenA
GetTempPathA
SetFileAttributesW
LockFile
SetEvent
lstrcatA
GetLastError
CreateWaitableTimerA
SetCommState
ClearCommBreak
IsValidLocale
lstrlenW

user32

RegisterClassExW
wsprintfA
FindWindowA
SetWindowLongA
GetClassInfoA
LockWindowUpdate
EndPaint
RegisterClassExA
GetCaretBlinkTime
DeferWindowPos
InvertRect
GetActiveWindow
SetScrollRange
SetWindowRgn

gdi32

PtInRegion
SetBitmapBits
GetTextExtentPointW
GetTextFaceW
SetTextAlign
PtVisible
GetROP2
CreateCompatibleBitmap
GetBkMode

Exports

Exports

?ysAmnzjsVLdl@@YGIGPAG@Z
?waqbXmjynr@@YGGPAFPAF@Z
?VqrmemvWyhDmbc@@YGEH@Z
?BPrGepQidSqutLyzjeuUyw@@YGMPAF@Z
?DpYQuqZxXvtdku@@YGPANI@Z
?mSgxiqxju@@YGXNH@Z
?ZzadkwwemakTrKPZpqvMk@@YGGI@Z

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ