f04629cc773f8b50b2386d6e0ae7518f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f04629cc773f8b50b2386d6e0ae7518f_JaffaCakes118
Size

63KB
MD5

f04629cc773f8b50b2386d6e0ae7518f
SHA1

ed9a673bd981209d0b7335e82181d28dca3b6fd9
SHA256

4ae9bffdcf15dcc2823dcf154a3c63c98909114ad35c57041d065d94fe6d8601
SHA512

f4ee943df774035e927e86c6b8563f6e1845492b9be02cc654f1719b8f2e3f3a8237735bca659de88ca62739ffc551c3dd66cc3851d2009d1fc7c52ad7f29997
SSDEEP

1536:gHodfNO5L56b6AS199E0QGNbB44FgrvQndcy:g+oIbnk95/n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f04629cc773f8b50b2386d6e0ae7518f_JaffaCakes118

Files

f04629cc773f8b50b2386d6e0ae7518f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5987eb978419bd7683c78c0feed4b84c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\jjaBqKu\kfkdmXo\tsJqgIuw\Nypmzt\kkVFBb.pdb

Imports

user32

GetWindow
GetParent
PeekMessageA
DialogBoxParamW
DestroyCaret
InSendMessage
GetDesktopWindow
GetWindowContextHelpId
InSendMessageEx
GetClassInfoA
GetTopWindow
LoadImageW
MapWindowPoints
RegisterClassA

ntdll

memset

gdi32

GetBkMode
GetPaletteEntries
GetFontData
StretchDIBits
ResizePalette

comctl32

CreatePropertySheetPageA
CreateToolbarEx
ImageList_Create

kernel32

ExitProcess
DisconnectNamedPipe
RemoveDirectoryA
AreFileApisANSI
SetHandleInformation
GetTempFileNameA
FindResourceW

shlwapi

StrCSpnIA
ord155
PathCanonicalizeW
PathRemoveFileSpecW
PathCommonPrefixW

Exports

Exports

?okfqwXaws@@YGXPAHPAD@Z
?rvtwqJFciPUyCaewn@@YGXPAG@Z
?sWYuOaoyCjBhvxeumwiEs@@YGKPAN@Z

Sections

.text
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 169B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5987eb978419bd7683c78c0feed4b84c

Headers

File Characteristics

PDB Paths

Imports

user32

ntdll

gdi32

comctl32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 512B - Virtual size: 164B

.code Size: 23KB - Virtual size: 23KB

.data Size: 13KB - Virtual size: 72KB

.rdata Size: 19KB - Virtual size: 19KB

.edata Size: 512B - Virtual size: 169B

.rsrc Size: 4KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 164B

.code
Size: 23KB - Virtual size: 23KB

.data
Size: 13KB - Virtual size: 72KB

.rdata
Size: 19KB - Virtual size: 19KB

.edata
Size: 512B - Virtual size: 169B

.rsrc
Size: 4KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB