ff46a92ab17c977ec9a2dc4956f5a5f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff46a92ab17c977ec9a2dc4956f5a5f1_JaffaCakes118
Size

143KB
MD5

ff46a92ab17c977ec9a2dc4956f5a5f1
SHA1

37fac79e6b2ecf1e62806a26eea6f729caa6c58e
SHA256

6ccbe517612618790bcb949021282adf0892b51c3777d450c892004b7863613a
SHA512

0923f4cdd0acbfa85984a1dcdd293d15f1f416b2e2571cca03c28649236bff1863a6f5e44c479ce298eb85afba5d87145c0ae99cda84a103016b67f431a00f55
SSDEEP

3072:DZDe8SsVRFozIobQPfOtu0LIUtviCAhff9Dps1nLIGzngTD9jiIa4:DZD/VYzIUeKumtv5Ahn9D8nLIon+D9R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff46a92ab17c977ec9a2dc4956f5a5f1_JaffaCakes118

Files

ff46a92ab17c977ec9a2dc4956f5a5f1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0296166346fd41fb80938ce4058887c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\uBcvfDoh\kWab\eWabT.pdb

Imports

user32

DefDlgProcA
SetWindowPlacement
CopyImage
AdjustWindowRectEx
LoadIconW
OpenIcon
SystemParametersInfoA
SetActiveWindow
wsprintfW
OpenInputDesktop
IsDialogMessageW
GetDesktopWindow

ntdll

_stricmp

shlwapi

PathMakePrettyW

gdi32

SelectPalette
Polygon
StartPage
ScaleViewportExtEx
CreateCompatibleDC

kernel32

LoadLibraryExA
HeapCreate
lstrcmpiW
ExitProcess
GetCommModemStatus
lstrlenA
LockResource
lstrcpynA
GetCurrentProcessId
GetPriorityClass

comdlg32

GetOpenFileNameW
PageSetupDlgW
GetFileTitleW
ReplaceTextW

Exports

Exports

?uvzC_KNZ__yvav_qy@@YGPAIDPAE@Z
?wvn__OB@@YGPAGIG@Z
?sysuQ_o_r@@YGXPAEG@Z
?NL_RLxz__mvs_@@YGPAEFJ@Z
?ckauxgOclnf@@YGGPAFJ@Z
?_fhmqiB@@YGXPAN@Z
?__ktZRXQ_Ujzy_t_lyG@@YGPAHFPAJ@Z
?lkztPRmaok_d@@YGEGPAG@Z
?LP_PD_X@@YGXN@Z
?FPYGZJK@@YGPAFMPAH@Z
?uz__u___lsrfweztmc_yV@@YGFM@Z
?R_YMT_Y_TBXUoTWD@@YGPAKPAJ@Z

Sections

.code
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.import
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 491B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0296166346fd41fb80938ce4058887c8

Headers

File Characteristics

PDB Paths

Imports

user32

ntdll

shlwapi

gdi32

kernel32

comdlg32

Exports

Exports

Sections

.code Size: 23KB - Virtual size: 23KB

.import Size: 1024B - Virtual size: 918B

.data Size: 67KB - Virtual size: 439KB

.rdata Size: 47KB - Virtual size: 47KB

.edata Size: 512B - Virtual size: 491B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.code
Size: 23KB - Virtual size: 23KB

.import
Size: 1024B - Virtual size: 918B

.data
Size: 67KB - Virtual size: 439KB

.rdata
Size: 47KB - Virtual size: 47KB

.edata
Size: 512B - Virtual size: 491B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB