56378b8e73b38e2a106158066a702d47_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

56378b8e73b38e2a106158066a702d47_JaffaCakes118
Size

110KB
MD5

56378b8e73b38e2a106158066a702d47
SHA1

e636b7ce12273bc95ab419574b53b8ac809525e7
SHA256

61a5cac529960d31824b179a6640a75b1ae7c4fb30423ccb585aafb81cd6ae5f
SHA512

83ef406416868ec5473074bd22c1ee758073fe4b1ac18eb79b0ed5754332ef0a416304ab48f2a53024a0a4403ed02dd3819606aae5616e2bc12b0c5ec65e0a6a
SSDEEP

1536:x/fg92+dEGoObC4siz2Az3tQ2rX108bQfpP62tVKx3WplARAgoCCt:xA92aKOGxAz9D08Ef1628WplAnoRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56378b8e73b38e2a106158066a702d47_JaffaCakes118

Files

56378b8e73b38e2a106158066a702d47_JaffaCakes118
.exe windows:5 windows x86 arch:x86

79d24b543c874eeeb6138cd3c0146437

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\cirZ\tiNjYgi\pfYLhr\lvoelq.pdb

Imports

kernel32

ExitThread
EnumResourceLanguagesA
PulseEvent
GlobalSize
FindResourceExA
VirtualAlloc
lstrcmpiW
GlobalFindAtomW
SetTimerQueueTimer
LoadLibraryW
WriteFile
GetOverlappedResult
lstrlenW
GetProcAddress

user32

LoadImageA
GetPropW
DestroyAcceleratorTable
IsCharUpperA
LoadStringW
SetForegroundWindow
CheckMenuItem
BeginPaint
IsIconic
ScrollWindow
GetWindowLongW
ShowScrollBar
GetScrollInfo

comctl32

ImageList_Write
ImageList_Draw
ImageList_Create
CreatePropertySheetPageA

gdi32

TranslateCharsetInfo
CreateHatchBrush
WidenPath
SetViewportOrgEx
EndPath
SetBkColor
SelectPalette

shlwapi

StrCmpNW

Exports

Exports

?kmfelLpjwjQ@@YGHG@Z
?uaxqfpc@@YGID@Z
?deniTvZrjKbrd@@YGIPAJPAD@Z
?ECcRmqzxmvJwmskpiR@@YGXPAKM@Z

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.temp
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79d24b543c874eeeb6138cd3c0146437

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 194B

.temp Size: 75KB - Virtual size: 75KB

.data Size: 5KB - Virtual size: 17KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 194B

.temp
Size: 75KB - Virtual size: 75KB

.data
Size: 5KB - Virtual size: 17KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB