56345813d41f4358a59d5fd897fb2bd1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56345813d41f4358a59d5fd897fb2bd1_JaffaCakes118
Size

38KB
MD5

56345813d41f4358a59d5fd897fb2bd1
SHA1

60d26fb13cea318d09be46ecc57a30a318cffabd
SHA256

a6c8292051d8741c1d0f2895ce5b64ad851049553cbebe18f6ffa60cc9102bfe
SHA512

5a4fbe2deb36078e593c93a0654a3c039f827c740254d6c6862d6767c87eee58bffb56aa82d5ee5787beafe3682bbb575e1ca92d1f3aa31ae6459c9cb13b7459
SSDEEP

768:pZLw6CzdNt/bhwButtrM4yjRx1HXMdhNNutEg5iy5leVO8bs4UX:pZwDzJbsut9kp8dTNutEkiMyRY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1003813461.malware.sample

Files

56345813d41f4358a59d5fd897fb2bd1_JaffaCakes118
.zip
1003813461.malware.sample
.exe windows:5 windows x86 arch:x86

7d74c44297bb3a66c2c7bf15d4d5aad3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\yKdfdbm\lGknijrS\lJpjtU.pdb

Imports

user32

InternalGetWindowText
wsprintfW
DefDlgProcW
DestroyCursor
AdjustWindowRect
InSendMessage
ClientToScreen
DefFrameProcA
GetMenu
MapDialogRect
GetActiveWindow
LoadIconA
GetPropW
SetRectEmpty

gdi32

GetFontData
EnumFontsW
PathToRegion
CreateHatchBrush
CreateRectRgnIndirect
GetTextExtentPoint32A

shlwapi

StrSpnW
PathGetArgsW

kernel32

SetStdHandle
SuspendThread
GetModuleFileNameW
GetFileType
FindResourceExW
GetLocaleInfoW
LocalAlloc
EnumResourceTypesA
InterlockedExchangeAdd
MoveFileExW
GetFileAttributesExW
LCMapStringA
GetCommConfig
GlobalHandle

comctl32

DestroyPropertySheetPage
ImageList_Create
ImageList_Write
CreateStatusWindowW

Exports

Exports

?pgeZhCHkQjsoQnbjmn@@YGPAKPADPAH@Z
?bcAwXgiLanpsyciddTu@@YGPAMPAM@Z
?eiGlrvjnYspchwczsSevou@@YGPAIPAM@Z
?yxjJzjOFox@@YGGD@Z
?fKuiTfvh@@YGPAFPAH@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d74c44297bb3a66c2c7bf15d4d5aad3

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

shlwapi

kernel32

comctl32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.itext Size: 512B - Virtual size: 180B

.import Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 190KB

.rdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.itext
Size: 512B - Virtual size: 180B

.import
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 190KB

.rdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 2KB - Virtual size: 1KB