2611bd590212d78898964faed560a035_JaffaCakes118

General

Target

2611bd590212d78898964faed560a035_JaffaCakes118
Size

57KB
MD5

2611bd590212d78898964faed560a035
SHA1

5295af466feb02d6462a87150d34bd30643cb294
SHA256

41ed004f049e4a6f9698f33826b63f4a60ea3837ec3c9fee87c739fa4cb7848b
SHA512

e79c0925ba93e5f42bdb6188dafbd8ba150c59399ede7b967de0118eec751cf1ae9c3e8a8936a3227d89a4de6a761cd0fd66c6d7abc41764f90d2d7886704151
SSDEEP

1536:O/b6lTXifq3YS+L952gFY22zUAb0aXjLWw:O/sTXiiYSm952MY2jQuw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2611bd590212d78898964faed560a035_JaffaCakes118

Files

2611bd590212d78898964faed560a035_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8400da3b8060a6b0245a280b36fe6239

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\jeMprv\hgieVaN\Vymt\KYzzfofT.pdb

Imports

gdi32

GetRgnBox
SetBoundsRect
Escape
GetTextExtentExPointW
SetBkMode
UnrealizeObject
GetDeviceCaps
CreateFontIndirectW
GetTextMetricsA

comdlg32

ChooseFontW
ChooseColorW

user32

FindWindowExA
GetMenu
ClipCursor
CharLowerW
RegisterWindowMessageA
IsWindowUnicode
GetActiveWindow
CreateWindowExA
TabbedTextOutW
ShowWindowAsync
CharUpperW
CharToOemBuffW

kernel32

GetPriorityClass
GetSystemDirectoryW
CreateWaitableTimerW
MultiByteToWideChar
GetLocaleInfoA
GetLastError
CreateFileW
SetFileTime
GetFullPathNameW
HeapDestroy
lstrcmpW
GetCommConfig
SetThreadPriority
SetEndOfFile

Exports

Exports

?RqpjpXaflslpdt@@YG_NJPAG@Z
?XemvQjadfdbxbqgwawI@@YGPAHJ@Z
?Pvjfpebunrj@@YGFK@Z
?WrkfqamxGfJwKm@@YGPAHGPAI@Z
?Birtxwnvlpbhaq@@YGPAKPAD@Z
?EtgzvMatmsvptWuk@@YGF_N@Z
?Eikpdapfvxktsuvpsheov@@YGHJM@Z

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8400da3b8060a6b0245a280b36fe6239

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

user32

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 12KB - Virtual size: 76KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 12KB - Virtual size: 76KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB