2c1afdad5d574621871d7456a8f77845_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2c1afdad5d574621871d7456a8f77845_JaffaCakes118
Size

184KB
MD5

2c1afdad5d574621871d7456a8f77845
SHA1

15dec81c0b4d94cc15daa0dc8a7b4d31ee48c521
SHA256

9c5058b8c4adb3b66393acffa4fc383cf36a548c771b38efe0aaa893c53d6b6f
SHA512

e1339b2ba0237faee78d3d6e1aaeec8d746e73a8b0ac9a2d3e61637d383827ab064f00c8e5a6c86ce1b651db800f98ce73f9e714c725c695654376f63d2463b6
SSDEEP

3072:5P1tPZkmK/kygw6yDMWC0H1onjaIzOFN6gpxz/W38SczO86cwyRv6:5P1tRpE5MZAWZaFrVWtcwS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c1afdad5d574621871d7456a8f77845_JaffaCakes118

Files

2c1afdad5d574621871d7456a8f77845_JaffaCakes118
.exe windows:5 windows x86 arch:x86

edf86314fcadf13e7bd32e5ce0de776f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\ddTrIwws\Qwnwag\hxzpig\bcctHf\fkxSNnr.pdb

Imports

comctl32

ImageList_GetImageCount
ImageList_Draw

comdlg32

GetOpenFileNameW
PageSetupDlgW
GetOpenFileNameA

user32

RegisterClassExW
ToUnicodeEx
DispatchMessageA
DestroyWindow
TranslateAcceleratorW
GetScrollPos
GetWindow
IsDlgButtonChecked
CharNextExA
UnloadKeyboardLayout
ChildWindowFromPointEx
TabbedTextOutW
LoadIconW
SendNotifyMessageW

kernel32

LockResource
GetLocalTime
GetProcAddress
lstrlenW
GetCommModemStatus
GetModuleHandleW
GetCurrentThreadId
GetSystemTimeAdjustment
ReleaseSemaphore
FreeLibrary
lstrcmpiW
FlushViewOfFile

gdi32

Ellipse
GetWindowOrgEx
RealizePalette
SetPaletteEntries
GetDeviceCaps
FillRgn
SetViewportExtEx
SetDIBColorTable

ntdll

_aullrem

Exports

Exports

?egxyowprWcUc@@YGHPAI@Z
?arBPvjoobxEgomr@@YGGK@Z
?lJuvhxhutlUdAwmk@@YGPAHJ@Z
?blWzecQjlCq@@YGPAJJ@Z
?gwMolmqrKxQm@@YGPAMM@Z

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 231B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edf86314fcadf13e7bd32e5ce0de776f

Headers

File Characteristics

PDB Paths

Imports

comctl32

comdlg32

user32

kernel32

gdi32

ntdll

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.edata Size: 512B - Virtual size: 231B

.data Size: 142KB - Virtual size: 210KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 27KB

.edata
Size: 512B - Virtual size: 231B

.data
Size: 142KB - Virtual size: 210KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB