fb51231ca6803635917bd9025f25cfac_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fb51231ca6803635917bd9025f25cfac_JaffaCakes118
Size

88KB
MD5

fb51231ca6803635917bd9025f25cfac
SHA1

0456b81c6ab10e7735314c0672d333a4655e0a9d
SHA256

2ce367cb1f5f4ba76ed1521804925f9765103490be5b476bd016d2e596ee31eb
SHA512

2699cd3f7e81a1c016ba5298ac11eecd556ff5c9eeb0fc3eb96b2eda973b987f35d951c595180e8f2d4533e8b6705e00aa500ea38f27bf972183c966c1b43a50
SSDEEP

1536:zyH5XYh0xab1owe+MFBAsGcR6FiS5jr1cf2f3tYM9tREAwEKXuFZ:WoEeowuusGyKxRef2PKM9E1yZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb51231ca6803635917bd9025f25cfac_JaffaCakes118

Files

fb51231ca6803635917bd9025f25cfac_JaffaCakes118
.exe windows:5 windows x86 arch:x86

384f5e67efa2407f2519ef7f327a8f59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\UOCooler10\Release\UOCooler.pdb

Imports

kernel32

GetModuleHandleW
GetModuleFileNameW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcatW
lstrcpyW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent

user32

IsDialogMessageW
TranslateMessage
ShowWindow
SetForegroundWindow
GetSubMenu
LoadIconW
RegisterWindowMessageW
TrackPopupMenu
PostQuitMessage
GetMessageW
DestroyWindow
LoadMenuW
SetWindowLongW
SendDlgItemMessageW
PostMessageW
GetCursorPos
CreateDialogParamW
SendMessageW
DestroyMenu
DispatchMessageW
wsprintfW

shell32

Shell_NotifyIconW

shlwapi

PathRemoveFileSpecW
PathAddBackslashW

Sections

.text
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

hbglwfme
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7turj210
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jlryb5.2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

384f5e67efa2407f2519ef7f327a8f59

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 1KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 7KB - Virtual size: 8KB

hbglwfme Size: 512B - Virtual size: 4KB

7turj210 Size: 71KB - Virtual size: 72KB

jlryb5.2 Size: 4KB - Virtual size: 4KB

.text
Size: 1KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 7KB - Virtual size: 8KB

hbglwfme
Size: 512B - Virtual size: 4KB

7turj210
Size: 71KB - Virtual size: 72KB

jlryb5.2
Size: 4KB - Virtual size: 4KB