96247e0abc27b8dfcd68bd93b8ec8838_JaffaCakes118

General

Target

96247e0abc27b8dfcd68bd93b8ec8838_JaffaCakes118
Size

78KB
MD5

96247e0abc27b8dfcd68bd93b8ec8838
SHA1

87d39f379279a007ee1d80797bef8818422ab2bd
SHA256

fac63840d14aa1b12615dff9ff6b125984f300cc1fdeede80b17b4be7c4f0de1
SHA512

e9e4c529d8a8aa8492b02c7bef1664fcf491fe259a4bf984ed3754cabff724f896172901171d8e0496c8694653e792c043b3abdb07471539f4abf8c02bffcf3d
SSDEEP

1536:s8NmWji1eQFC0bVs+nIypfaTFIqWgaKREgmZlTzYnnnvfaa:s8Nri1eabVDIKfaCqnaJfTEnvj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96247e0abc27b8dfcd68bd93b8ec8838_JaffaCakes118

Files

96247e0abc27b8dfcd68bd93b8ec8838_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6b4bacf7c951151a94afcf5b968a7926

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

R:\vnyH\EnCYti\agHsyvgc.pdb

Imports

user32

WindowFromPoint
TranslateMessage
PostThreadMessageW
wsprintfW
CopyRect
GetShellWindow
LoadAcceleratorsW
ShowScrollBar
AdjustWindowRect
IsCharAlphaNumericW
IsWindowEnabled
GetWindowContextHelpId

gdi32

WidenPath
ExtFloodFill
GetObjectW
SetWindowOrgEx
Escape
CombineRgn
SetPixel
UnrealizeObject

kernel32

GlobalDeleteAtom
SearchPathW
LockFile
RemoveDirectoryW
CreateWaitableTimerA
GetSystemDefaultUILanguage
InterlockedIncrement
GlobalFindAtomW
LoadResource
GlobalAddAtomA
GetStdHandle
GetCurrentThread
SetStdHandle

Exports

Exports

?mWKZsLyyiSfokHkqeKp@@YGXK@Z
?gkfhKyTsyLpmlucixDq@@YGKHI@Z
?yPNnXzOk@@YGJDPAF@Z
?jFwkqhVWfOUYogRgjcznr@@YGPANPAN@Z
?cntZjGxdkiyfJstymcb@@YGFF@Z
?kTtkqbbyCZcSJzfvUoucq@@YGPAXE@Z
?vsabSidFcuncE@@YGPAJPAD@Z

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b4bacf7c951151a94afcf5b968a7926

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.itext Size: 512B - Virtual size: 144B

.rsrc Size: 31KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 95KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 33KB

.itext
Size: 512B - Virtual size: 144B

.rsrc
Size: 31KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 95KB

.reloc
Size: 4KB - Virtual size: 4KB