f69fc1f8cbff7ecd225fb8fdee675d73_JaffaCakes118

General

Target

f69fc1f8cbff7ecd225fb8fdee675d73_JaffaCakes118
Size

182KB
MD5

f69fc1f8cbff7ecd225fb8fdee675d73
SHA1

f1adc7cc88d56f435879760e007f19c6b9d2e7e5
SHA256

2757ab041774354ca26fc4e74a9642201951b755343a44b4c57dd014b8e3541a
SHA512

e49a2be0aba40f3ece6028263c26a52a47374be8e3c3bcc286d36c92ca5a948e095997af3c4691d3263841deb5bb5b000d4cb60cefb2ea4557fd6f7da3248af1
SSDEEP

3072:nZiNckygw6yDSmf9DMvKrqIAA9PBmU9JN2hLZmPYn60iyuU5VuyEJcE6cb6cS:nv57lDKR3U7whLZmPY60ZuU5VuyEytw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f69fc1f8cbff7ecd225fb8fdee675d73_JaffaCakes118

Files

f69fc1f8cbff7ecd225fb8fdee675d73_JaffaCakes118
.exe windows:5 windows x86 arch:x86

114222350465a9948c61581d2bdce3d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\RQsm\TEhDUk\ovwXsYmb.pdb

Imports

ntdll

_aullrem

kernel32

GetSystemWindowsDirectoryA
GetModuleFileNameA
GlobalFlags
GetProcAddress
GetModuleHandleW
LoadLibraryExA
FileTimeToDosDateTime
LCMapStringW
GetAtomNameW
lstrcmpiW
CreateSemaphoreW
RemoveDirectoryA
GlobalUnlock
lstrlenW

user32

OpenIcon
GetWindow
DrawTextA
SetCursor
AllowSetForegroundWindow
SendMessageW
AdjustWindowRect
LoadIconW
LoadMenuW
GetScrollPos
FindWindowA
LoadMenuA
WindowFromPoint

gdi32

GetTextColor
SaveDC
ResizePalette
EnumFontFamiliesW
RemoveFontResourceW
SelectClipRgn
GetMapMode
LPtoDP

comctl32

CreatePropertySheetPageW
ImageList_GetIconSize

Exports

Exports

?glplldvbzyfNRsRxNq@@YGNNPAG@Z
?YMgtfwriwumsGymujpwH@@YGHH@Z

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

114222350465a9948c61581d2bdce3d4

Headers

File Characteristics

PDB Paths

Imports

ntdll

kernel32

user32

gdi32

comctl32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.edata Size: 512B - Virtual size: 138B

.data Size: 141KB - Virtual size: 205KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 26KB - Virtual size: 26KB

.edata
Size: 512B - Virtual size: 138B

.data
Size: 141KB - Virtual size: 205KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB