f6698e9003850e55dc05d3c2ec4091b6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f6698e9003850e55dc05d3c2ec4091b6_JaffaCakes118
Size

138KB
MD5

f6698e9003850e55dc05d3c2ec4091b6
SHA1

9d03732d1517e973ecac97652419e2af1de41f46
SHA256

c3b6509c659ca0d909480b529afdac16f4f384fd1a1aa4dbfafe923315d6b4e5
SHA512

13c863a81f373ea0511c978c84235b5017058df138d73e327faef263542694e0400c1120a5fa7e4f599e325769e6a87eb53ad622fcdb7386f31d3440dd8a0a11
SSDEEP

3072:U8O3aGb9IgbuVheBvWIBuGuvJyCI7aoH+eeBbCYum+jBLz28b:U8kbigCVheBvWIneyNVeN+I8b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6698e9003850e55dc05d3c2ec4091b6_JaffaCakes118

Files

f6698e9003850e55dc05d3c2ec4091b6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7c4f13a2c87b94a296b0ad4ff792193c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\tccrk\dYAaeMpe\wbzWiykh\RHXu\gemnbl.pdb

Imports

gdi32

CreateDCW
AddFontResourceW
CreateCompatibleDC
CreateDIBitmap
GetTextExtentPoint32A
RestoreDC

msvcrt

exit

comctl32

CreatePropertySheetPageW
ImageList_Remove
ImageList_GetIconSize

kernel32

LocalFree
GetFileAttributesExA
ExitProcess
GetSystemTimeAdjustment
GlobalGetAtomNameA
LoadLibraryW
GetUserDefaultLangID
HeapReAlloc

shlwapi

PathMakePrettyA
PathCanonicalizeW
StrSpnA

user32

DestroyCursor
OpenInputDesktop
SetMenuItemInfoW
SetScrollRange
SetScrollPos
GetClassLongA
MapVirtualKeyExW
GetMenuState
SetParent
GetUpdateRect
EnableMenuItem
LookupIconIdFromDirectory
TranslateMessage

Exports

Exports

?QU_B_DBNHem_ibyA@@YGMH@Z
?Imehkjff_w_ktomoi__@@YGXEF@Z
?ptkzk_f_cqxbp@@YGXMK@Z
?_soul_iFSfk@@YGKJ@Z
?_inkz_KHTUFicwdsYNB_A_@@YGG_N@Z

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r_dat
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c4f13a2c87b94a296b0ad4ff792193c

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

comctl32

kernel32

shlwapi

user32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.r_dat Size: 3KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 161KB

.rdata Size: 25KB - Virtual size: 25KB

.pdata Size: 14KB - Virtual size: 13KB

.rsrc Size: 41KB - Virtual size: 44KB

.reloc Size: 2KB - Virtual size: 29KB

.text
Size: 46KB - Virtual size: 46KB

.r_dat
Size: 3KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 161KB

.rdata
Size: 25KB - Virtual size: 25KB

.pdata
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 41KB - Virtual size: 44KB

.reloc
Size: 2KB - Virtual size: 29KB