faeb195da44472d6ff501be847643c9b_JaffaCakes118 | Triage

Sharing

General

Target

faeb195da44472d6ff501be847643c9b_JaffaCakes118
Size

171KB
MD5

faeb195da44472d6ff501be847643c9b
SHA1

c7a633b0d33e64144c664c433a26c40ecce35260
SHA256

fc11097eaf4e2cc3b36ff3e3ca399568219693623a3c85142dd6a3999404c7b4
SHA512

569b263b892ce1d24f67e75b0d3b7656c3635955e8b9180f59246ef06656fef51252ec6be59040221a45cbe27d0354bf4c041006303725f8a3d7fe408d34df4c
SSDEEP

3072:Aj9scCn801mSZ5nKv/MLaSlYr0T1sDq8SyVHw4eKmScIfb2w/nR6rmMz:9cuv1NZ5nKv/MLsk1susHqkfbVRomM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faeb195da44472d6ff501be847643c9b_JaffaCakes118

Files

faeb195da44472d6ff501be847643c9b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a5037179d09dcdd59981698158a076b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\wlwozegkrVpndM\KvVbeqdhtFtm\gmtcpJrgsjan\iLVvXswspggo\nwytQbsg.pdb

Imports

gdi32

CreateRectRgn
CreateFontIndirectW
CreateRoundRectRgn
AddFontResourceW
GetObjectW

kernel32

GetModuleFileNameA
GetModuleHandleA
GetFileTime
SetPriorityClass
SetSystemTime
GetProcAddress
GetShortPathNameW
LoadLibraryA
GetSystemTimeAsFileTime
lstrlenA

user32

InsertMenuItemW
GetWindowDC
WaitForInputIdle
CharNextW
wsprintfW
IsWindowUnicode
IsCharUpperW
GetScrollPos
FrameRect

msvcrt

_controlfp
__set_app_type
__p__fmode
_wtoi
iswdigit
memset
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
atoi
__getmainargs

shlwapi

ChrCmpIW
StrCmpIW
UrlGetLocationW

Exports

Exports

?CreateDlgMessage@@YGHPAXPADK|U

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ort
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 140KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE