ae98472ac1416c453d0317dfce986ad2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ae98472ac1416c453d0317dfce986ad2_JaffaCakes118
Size

61KB
MD5

ae98472ac1416c453d0317dfce986ad2
SHA1

f6a910beee0d5b7948f8edb11b5032f5d4953439
SHA256

11521347911af00d60d6cc34e1864f0d245d66dc6eceaeabe9efd3da6699185e
SHA512

469105064cd105371f291e84fc6bb67cfe67718451d2dfe52e79e987b7ee6e2ca6d3e7546877ca1dc5d8ae2e22447b64d38906884b0a7f1f13865e49a42a3a37
SSDEEP

1536:UdyQT88pJr0MY3cDmAOCOdAAlpvKXiK2pPoDORImU:0zT8IJQcedAUvKy79oDUI/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae98472ac1416c453d0317dfce986ad2_JaffaCakes118

Files

ae98472ac1416c453d0317dfce986ad2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a5ee9b5a8fd3ecc28a5cb9337efc9593

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\nuwsj\scujm\tmogp\kpbMVTu\BdKyC.pdb

Imports

kernel32

PulseEvent
HeapAlloc
GetModuleFileNameW
FindNextChangeNotification
GlobalAddAtomA
SetSystemTimeAdjustment
GetModuleHandleW
GetCurrentThread
GetCommState
SetPriorityClass
InterlockedIncrement
QueryPerformanceCounter
ExitThread
GetModuleFileNameA

user32

ChildWindowFromPoint
WaitForInputIdle
EnumWindows
CopyRect
SetScrollRange
wsprintfW
AdjustWindowRectEx
GetMessageTime
RegisterClassExW
FindWindowExA
MonitorFromPoint
ScreenToClient

shlwapi

StrSpnW

gdi32

GetObjectA
ExcludeClipRect
StartPage
SetTextAlign
GetTextExtentPoint32W
SetPixel
ResizePalette
SetDIBitsToDevice

comdlg32

ChooseFontW
PrintDlgW
PrintDlgExW

Exports

Exports

?eJsugdnqimVzy@@YGXPAN@Z
?vTphyBcyHRoOpbwzuuf@@YGII@Z
?ezDypfKpgq@@YGX_N@Z
?swvlmmVAtOsil@@YGMI@Z
?IserpfevfRXahzuhlNx@@YGPAGFE@Z
?PgzwDmqEUknkihrmyxkr@@YGPAFD@Z
?RumoOwrqs@@YGKK_N@Z

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5ee9b5a8fd3ecc28a5cb9337efc9593

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

shlwapi

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.itext Size: 512B - Virtual size: 172B

.import Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 186KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.itext
Size: 512B - Virtual size: 172B

.import
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 186KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 2KB - Virtual size: 1KB