2e605faf232e5ae29a50b993cbaab9ef_JaffaCakes118

General

Target

2e605faf232e5ae29a50b993cbaab9ef_JaffaCakes118
Size

98KB
MD5

2e605faf232e5ae29a50b993cbaab9ef
SHA1

a6fff116729f33e788cef81097a93664f64c2679
SHA256

e2286763be9796608704187c93bcff51d2a36fe863247460b9119a35aeac05b5
SHA512

1b396703898e89f8585d64eca681c00c805d8371631363083b731694ca2b674e512806e8683ee43c2aef58607bd54f30908998cb98beb7b40520ef5b981520e1
SSDEEP

1536:v3+VMCpMdooE5jsbJqXyI1vjqgaY+4zddCaRE4l0Ugg/ozxqoiR2VmtY:v3aDMdA5jsbcXlX+0dCay4l6Aoww

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e605faf232e5ae29a50b993cbaab9ef_JaffaCakes118

Files

2e605faf232e5ae29a50b993cbaab9ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4f26e8bc890a950899bcd5fba801bd72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

U:\FirmWork\Studio\Common\Bin.exe

Imports

user32

GetKeyState
IsCharAlphaW
GetQueueStatus
GetMessageTime

kernel32

GetProcessHeap

Exports

Exports

?FancyBack@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?OptimusIO@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?OptionWindowGear@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?RegardSeven@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?RightApocoloptus@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?SecureCheck@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?SignSetupUp@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?SmeltIron@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?StrongFontW@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z
?TaleRevert@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iat
Size: 1024B - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data1
Size: 13KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sprlgwf
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f26e8bc890a950899bcd5fba801bd72

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 74KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.iat Size: 1024B - Virtual size: 282KB

.reloc Size: 2KB - Virtual size: 1KB

.data1 Size: 13KB - Virtual size: 37KB

sprlgwf Size: - Virtual size: 4KB

.text
Size: 75KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.iat
Size: 1024B - Virtual size: 282KB

.reloc
Size: 2KB - Virtual size: 1KB

.data1
Size: 13KB - Virtual size: 37KB

sprlgwf
Size: - Virtual size: 4KB