f9a00dc4a9637fa216630f4d5e2c8b37_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9a00dc4a9637fa216630f4d5e2c8b37_JaffaCakes118
Size

98KB
MD5

f9a00dc4a9637fa216630f4d5e2c8b37
SHA1

58c2ea15ecab7eb1674fb3a29f0b72b222da826b
SHA256

120c24760fff974d67ae75bfbc2dba7cf583170cdf2a8c31adf9691cc77a0ef5
SHA512

15edf799761216a564d4872811a02dc3c269a2dc7a66f5fe399624e1524df16323c66434527a2f39be4784c85143dc57632f94e87afe640862eaef3186edb33a
SSDEEP

1536:9AuxfK6DOHpn2+3wc+TBsYu1fOc7kOi1mkCzzT/sX083Mkd3cklj:9AeAJ2+3YvyfOAsmkC3T/K5MEP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a00dc4a9637fa216630f4d5e2c8b37_JaffaCakes118

Files

f9a00dc4a9637fa216630f4d5e2c8b37_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5515669a2a42d9b405bb24821990a07e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\jaESs\qltIQjxC\odsxLqp.pdb

Imports

user32

InvalidateRgn
LoadIconA
HiliteMenuItem
RegisterHotKey
GetCaretBlinkTime
CloseDesktop
EndPaint
GetKeyboardLayout
LoadStringW
DefDlgProcW
CharUpperW
ChildWindowFromPointEx
CharUpperBuffA
SendMessageW

shlwapi

StrToIntA
PathFindFileNameW

gdi32

GetSystemPaletteUse
GetTextMetricsW
GetTextFaceW
GetBitmapBits
GetViewportOrgEx

kernel32

SetFileApisToOEM
GetFullPathNameW
GetCurrentProcessId
IsBadReadPtr
lstrcmpA
CancelIo
GlobalAddAtomW
GetTempFileNameA
ExitThread

Exports

Exports

?_WFD_NGn_xkwhLVU_MOK@@YGPAGJ@Z
?__jpe__T__V@@YGPAXPAD@Z
?vFMS_Ybr_w_@@YG_NGG@Z
?j__s_afkv@@YGPAMPAMPAK@Z
?q_wW_L_FO__E_RArzpc_z@@YGPAXPAGPAG@Z
?h_lmokjzks_b__Z@@YGXK@Z
?_h_bjum__b@@YGEIPAI@Z
?VppLslNb_t_gcul@@YG_NPAKJ@Z
?mgxpIX__EAM@@YGPAGE@Z
?gsnD_MKW@@YGEPAEPAD@Z

Sections

.text
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5515669a2a42d9b405bb24821990a07e

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

gdi32

kernel32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 136B

.code Size: 24KB - Virtual size: 23KB

.data Size: 48KB - Virtual size: 172KB

.rdata Size: 17KB - Virtual size: 17KB

.edata Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 136B

.code
Size: 24KB - Virtual size: 23KB

.data
Size: 48KB - Virtual size: 172KB

.rdata
Size: 17KB - Virtual size: 17KB

.edata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB