5776ff84d473ce3d5b17810e4072d511_JaffaCakes118

General

Target

5776ff84d473ce3d5b17810e4072d511_JaffaCakes118
Size

219KB
MD5

5776ff84d473ce3d5b17810e4072d511
SHA1

5430e38a056e5495ef9c4f01401e836a44403597
SHA256

ad3f1daa7f60386aa15d88ecb98ebff16537099e905aabb890d5ed031e012203
SHA512

cba94874ebf74229d6e39fc3395dc748a8d38350d2e05fca91ed211bd13fddd59231292e02a3f77b8c204a8b3b89eb87136fbc3eb0db3a6d9a49a1b2fefb79e1
SSDEEP

6144:AlS/LBcDfmAZi0zdJpxgIJy84oraw1qTE6:LdcDeAItVmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5776ff84d473ce3d5b17810e4072d511_JaffaCakes118

Files

5776ff84d473ce3d5b17810e4072d511_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f2d88349ff04ddefeb304cdc4a40ff68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\lrecsG\hqnIqdnu\ozhxN\nGrVpkqd\sDDQud.pdb

Imports

msvcrt

exit

gdi32

SetTextColor
CreateRectRgn
GetTextAlign
BitBlt
CreatePalette

kernel32

lstrlenW
SetWaitableTimer
ExitProcess
WaitCommEvent
CreatePipe
SetNamedPipeHandleState
CreateMutexA

user32

ExitWindowsEx
GetDlgItemTextW
GetWindowLongW
SetWindowLongW
PostThreadMessageA
CreatePopupMenu
wsprintfW
SwitchToThisWindow
LoadStringW
GetWindowTextW
wsprintfA
GetWindowTextLengthW
SetDlgItemTextA

shlwapi

StrRStrIA
ChrCmpIA
StrToInt64ExA

comdlg32

GetOpenFileNameW
ChooseFontW
GetOpenFileNameA

comctl32

CreateStatusWindowW
ImageList_Draw
ImageList_Destroy
PropertySheetA

Exports

Exports

?vJ_s__upf@@YGXMPAJ@Z
?VJAATQJGwR_DE_N_ECS@@YGXPAFPAD@Z
?DVugDTVR_TB@@YGFF@Z
?_jzYODZ_ta_OQszwh@@YGGPAJPAI@Z
?QUQTaeuGJQtk_yq_jFL_@@YGDJ@Z
?_UVIJW_FFJ_@@YGMPAIJ@Z
?__DCF___CMNR@@YGHPAN@Z
?LXD_MLUx__@@YGJPAG@Z

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 602B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2d88349ff04ddefeb304cdc4a40ff68

Headers

File Characteristics

PDB Paths

Imports

msvcrt

gdi32

kernel32

user32

shlwapi

comdlg32

comctl32

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 62KB

.data Size: 140KB - Virtual size: 300KB

.edata Size: 1024B - Virtual size: 602B

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 63KB - Virtual size: 62KB

.data
Size: 140KB - Virtual size: 300KB

.edata
Size: 1024B - Virtual size: 602B

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 2KB - Virtual size: 1KB