fa2dddf253abf204ea17fb818996748c_JaffaCakes118

General

Target

fa2dddf253abf204ea17fb818996748c_JaffaCakes118
Size

72KB
MD5

fa2dddf253abf204ea17fb818996748c
SHA1

9fc09994ddb041d1dac6a952ecf0912404b5d3ee
SHA256

5a6a385674b19753b0daa54a66dc0eaf04993adefd8f558f563d5f75f9d7a745
SHA512

6b4b4a3b6e3890fd9c73db4f0af63db0c7b9f409a155c27fd5b597ff0d9881a4e59d113a8243383d56a8d356dc1c0d82d418044f0d07d3b4abde7b5ce39ed652
SSDEEP

1536:3Tp8G8p8EG1S6TVcB79da3pDvC6izhzCSL67BWm/EmFO:3TCTUVl3pDvtigSiW2EmFO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa2dddf253abf204ea17fb818996748c_JaffaCakes118

Files

fa2dddf253abf204ea17fb818996748c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2ad99a79f58aa5c4d2d08e68deb93e3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetW
InitCommonControlsEx
ImageList_Remove
CreateToolbarEx

shlwapi

PathBuildRootW
StrCatW
PathFindFileNameW

gdi32

GetSystemPaletteUse
GetObjectW
DeleteObject
TextOutA
GetCurrentObject
CreateRectRgn
EnumFontFamiliesExW
LPtoDP
EndPage

kernel32

GetExitCodeProcess
lstrcpyA
GlobalHandle
MoveFileExW
SizeofResource
SetErrorMode
GetOEMCP
GetModuleHandleA
GlobalCompact
LoadLibraryA
ResetEvent
ResumeThread
GetUserDefaultLangID
SetConsoleCP
SetHandleInformation

user32

FindWindowW
HideCaret
GetMenu
AdjustWindowRect
SetPropW
DestroyWindow
GetWindowDC
SetWindowPos
GetCaretBlinkTime
KillTimer
DestroyMenu
LoadStringW
CascadeChildWindows

Exports

Exports

_RftxHivd_oxaBweq_mdYnb
_GIxtNsft_mylaebn_pv
_Milzxaeu_rouwvW
_WvqubywA_vnhwoBfphv
_IWdEnxKdt_Ftnmt
_Dyowsohp_Nfgrtb
_Hacjguvv_twwyhp

Sections

.text
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tlc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ad99a79f58aa5c4d2d08e68deb93e3c

Headers

File Characteristics

Imports

comctl32

shlwapi

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 48KB

.tlc Size: 7KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 84KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 48KB

.tlc
Size: 7KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 84KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB