0ede8327bcb476283e689965ef2f4032_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0ede8327bcb476283e689965ef2f4032_JaffaCakes118
Size

119KB
MD5

0ede8327bcb476283e689965ef2f4032
SHA1

3ef913cf59c939533aff6dff1410ab3f54d08eb3
SHA256

a8b0dcfbb2b9569817c56b294dea3b4133f604c731394699978c087887a68caf
SHA512

9fbbb5771e3c7cd3b19117457e5cef528329e8ce29029f6c302297cf6ebfaf8b3a66bc1b99ad25fc9391e78bd1c3fc598b10b0ebca69e6385665539e2ff443b2
SSDEEP

1536:FD3IQqxdm4CGUtl2PgkSxrm/c4bMMeS/nVjWyCmc5SGVkm4Xxfpj+NreMp:d38xd7Cfl2PDamJb3eS/AJovPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ede8327bcb476283e689965ef2f4032_JaffaCakes118

Files

0ede8327bcb476283e689965ef2f4032_JaffaCakes118
.exe windows:5 windows x86 arch:x86

689420b1e1573bca33f8779da28f2870

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\ekCaXOb\aXQe\fdUwNW\ENvHlfM.pdb

Imports

ntdll

_aullrem

kernel32

CancelWaitableTimer
GetDateFormatW
lstrlenW
GlobalFindAtomW
WaitForMultipleObjects
MulDiv
LoadLibraryW
VerifyVersionInfoW
GetTempPathA
LoadLibraryExA
FileTimeToSystemTime
GetSystemDirectoryA

gdi32

GetTextExtentPointW
GetRgnBox
DeleteObject
ExtTextOutA
RemoveFontResourceW
SelectObject
CombineRgn

shlwapi

StrCmpNIW
PathIsUNCW
StrIsIntlEqualW

user32

GetWindowTextLengthA
GetMenuItemInfoW
IsCharAlphaW
GetWindowTextLengthW
LookupIconIdFromDirectory
CreateDialogIndirectParamW
GetClassInfoW
TrackPopupMenuEx
wsprintfW
PostThreadMessageW
GetClassLongA
SetPropW
RegisterClassExW

Exports

Exports

?BdrZNjHhCzpheshrPjmash@@YGPAXPADPAD@Z
?opPWhxhi@@YGPAEEM@Z
?cwxYtldZltkxorQtnnjyd@@YGJG@Z

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

689420b1e1573bca33f8779da28f2870

Headers

File Characteristics

PDB Paths

Imports

ntdll

kernel32

gdi32

shlwapi

user32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 3KB - Virtual size: 59KB

.pdata Size: 4KB - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 1KB

.xdata Size: 63KB - Virtual size: 63KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 3KB - Virtual size: 59KB

.pdata
Size: 4KB - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 63KB - Virtual size: 63KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 2KB - Virtual size: 2KB