180feef97ae48347b41e4f5e008c5445_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

180feef97ae48347b41e4f5e008c5445_JaffaCakes118
Size

107KB
MD5

180feef97ae48347b41e4f5e008c5445
SHA1

235d90b70da2b2dd06377d7347e99bbcd4bbed3d
SHA256

70497da1a550a4bf656ff8cc3f4ed3ab366dcdfbf25be86cef461d5e966b2734
SHA512

1cbc702da048f9a1f62257b7edaa4d272710492a5203def6c1b1e9bc5c7ba2a6e1e237fe10f3ea8d8bca868e6c29a2b6db90518319731c70aa2c060f222305fa
SSDEEP

3072:qbKat1VBTAEsO+mynsRuxGGFHh7GXpNuq5bC:qbKavDsO7ZulJVGXXr5bC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
180feef97ae48347b41e4f5e008c5445_JaffaCakes118

Files

180feef97ae48347b41e4f5e008c5445_JaffaCakes118
.exe windows:5 windows x86 arch:x86

dfe26415c6ba6007036931fde9b45391

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\ipZihdry\Ytjr\qfbxrAir\kFlwr.pdb

Imports

user32

GetClipCursor
CharUpperBuffW
UnionRect
GetProcessDefaultLayout
GetWindowTextA
MonitorFromPoint
LoadCursorW
GetMenuStringW
IsWindowUnicode
CharPrevW
MapDialogRect
AllowSetForegroundWindow
CreateDialogParamW
GetForegroundWindow

gdi32

AddFontResourceW
GetTextExtentPointW
CreatePen
PathToRegion
SetBkColor
SetMapMode
GetViewportOrgEx
UnrealizeObject

comdlg32

ChooseColorW
PageSetupDlgW
GetOpenFileNameW
ChooseFontW

comctl32

CreatePropertySheetPageW
ImageList_Create
PropertySheetW

kernel32

OpenFile
TransactNamedPipe
lstrcmpW
SetupComm
UnhandledExceptionFilter
FlushFileBuffers
GetModuleHandleW
GetSystemDefaultLCID
lstrlenW
GetProcAddress
CreateNamedPipeW
GlobalReAlloc
GetTickCount
WaitForMultipleObjectsEx
WinExec

Exports

Exports

?brAfRna@@YGEPA_NH@Z
?zsmqzwqmit@@YGMHI@Z
?mcrroOXytjVwSkAnzl@@YGPAEPAF@Z
?veYkyWwivRxua@@YGEIH@Z
?namhAOibqPoWagTQuuiRfV@@YGPAXPAD@Z

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 241B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfe26415c6ba6007036931fde9b45391

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comdlg32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 12KB

.crt Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 241B

.rsrc Size: 79KB - Virtual size: 79KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 12KB

.crt
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 241B

.rsrc
Size: 79KB - Virtual size: 79KB

.reloc
Size: 2KB - Virtual size: 1KB