f043793bf1615bb4d2698023a9aa991b_JaffaCakes118

General

Target

f043793bf1615bb4d2698023a9aa991b_JaffaCakes118
Size

177KB
MD5

f043793bf1615bb4d2698023a9aa991b
SHA1

8f4720c626335308c13ecd783123c0369ae7b12d
SHA256

13874dde09792163e27f9c36f196865ce668f6c2f86fe6de04e41db530863e3c
SHA512

aff3c27963228f32add60bf7ffa5b8df777fac8497260bf8318605fd8ca3d507156be311e431f6c6cc97855a77b06b5050d4d16e8713f004d4c7b141fd720dfd
SSDEEP

3072:buLzeeWjGppcPllqjS8g0sCa+tC0//lp3P4jKsaAi:b0KAcPlbn+a+cE/lBetfi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f043793bf1615bb4d2698023a9aa991b_JaffaCakes118

Files

f043793bf1615bb4d2698023a9aa991b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

75fc4828a77e0a14e621a6aea98d90a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\dAClpUAe\twuwWgj\soVvZ\spSemd\kKrqglz.pdb

Imports

gdi32

RestoreDC
SetTextAlign
GetDeviceCaps
CreateDIBSection
CreatePen
Polygon
GetTextColor
CreateHatchBrush

user32

SendInput
InsertMenuItemW
MessageBoxExA
LoadBitmapW
GetProcessDefaultLayout
IsCharAlphaW
DeleteMenu
CopyImage
GetForegroundWindow
DrawTextExW
LoadCursorW
DialogBoxParamW
SetWindowPlacement
GetClassInfoExA

kernel32

GetCurrentThreadId
GetTickCount
LocalFree
GetSystemDirectoryA
OpenSemaphoreW
SetCommState
GetFileSize
lstrcmpW
GetSystemDefaultLCID
GetModuleHandleW
GetProcAddress
GlobalReAlloc
lstrlenW
CompareStringA

Exports

Exports

?aotUvODqzqwjNxtMh@@YGXFPAH@Z
?qdkJscctLIx@@YGPAXEPAG@Z
?PskHxoK@@YGXPAD@Z
?ewtvEnPzdhzRMl@@YGJHPAM@Z
?ytxQxuewwwUd@@YGXEPAJ@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75fc4828a77e0a14e621a6aea98d90a1

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 76KB

.crt Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 234B

.rsrc Size: 148KB - Virtual size: 148KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 76KB

.crt
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 234B

.rsrc
Size: 148KB - Virtual size: 148KB

.reloc
Size: 2KB - Virtual size: 1KB