097427b67ce45ec2eb4340bc693c0b21_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

097427b67ce45ec2eb4340bc693c0b21_JaffaCakes118
Size

55KB
MD5

097427b67ce45ec2eb4340bc693c0b21
SHA1

3043f6c574310d4e2751ca6c43a18d97c63494e8
SHA256

f59ef120dd7953d0d0cbaaec3d64a84806f18e0addd34651a97dc3f4c6ff4519
SHA512

8f1559ca043082428d2cba7df5bbb72a13caceccc3ba4ed7f2ff1c39ad29a36f899e6fb00a7d84e503c5d45f700efd400e2a012a9b757bd79f63d447494441a3
SSDEEP

768:uMcmmZCAWgcg4QGZk4XAgyr2/qDWghtNyn6SEZwwuVbW1+Kx9Y6p83vX7JX2ifC3:ummZCAWg94Q2k4XYxlSo+/LJ8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
097427b67ce45ec2eb4340bc693c0b21_JaffaCakes118

Files

097427b67ce45ec2eb4340bc693c0b21_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8cffefbb004bc64a01747883bf6f4d0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\kFgz\OwwRQZbzZ\dtDahMR\vjqFCuqSof.dlU

Imports

user32

GetPropW
AppendMenuA
GetWindowTextLengthW
MonitorFromRect
SetDlgItemTextA
GetAsyncKeyState
GetMessageTime
SetDlgItemTextW
CharUpperA
MessageBoxExA
IsCharAlphaA
LoadImageW
CallWindowProcA
RemoveMenu

shlwapi

StrCmpNIA

comctl32

ImageList_GetImageCount
CreatePropertySheetPageW
ImageList_LoadImageW
ImageList_Destroy

gdi32

CreateDIBSection
RectVisible
GetSystemPaletteUse
GetRgnBox
GetViewportOrgEx
CreateRoundRectRgn
OffsetRgn
SetBrushOrgEx

kernel32

GetFileTime
SetupComm
GetCompressedFileSizeW
SetCommTimeouts
CompareStringW
GlobalFree
DuplicateHandle
CreateNamedPipeA
SetThreadPriority
GetTimeZoneInformation
GetShortPathNameW
CreateEventW
GetSystemTimeAdjustment

ntdll

memset

Exports

Exports

?DulnqzdrjNpquucdmnvvw@@YGPAMPAG@Z
?IviujEioeGfvlzue@@YGJJPAF@Z
?SoNqzkrsts@@YGPAIK@Z
?MzyjzerWHdojatingwhcgm@@YGXPAG@Z
?Yvxlvii@@YGNFE@Z
?JzrneMngzhazmhjzzvcnh@@YGGPAE@Z

Sections

.itext
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cffefbb004bc64a01747883bf6f4d0b

Headers

File Characteristics

PDB Paths

Imports

user32

shlwapi

comctl32

gdi32

kernel32

ntdll

Exports

Exports

Sections

.itext Size: 22KB - Virtual size: 21KB

.text Size: 5KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 2KB - Virtual size: 2KB

.itext
Size: 22KB - Virtual size: 21KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 2KB - Virtual size: 2KB