ebc978529ca612744951864e687132bf_JaffaCakes118 | Triage

Sharing

General

Target

ebc978529ca612744951864e687132bf_JaffaCakes118
Size

55KB
MD5

ebc978529ca612744951864e687132bf
SHA1

1431f47f9887416c4767ca24fcc4acf6100e64e0
SHA256

6e92ac54163604f61507c1d816dac368e2195555517ac70f380b7d8d1a317a9f
SHA512

140ab1119c9d6a60a1dd50aa44984c355f44a3b7720a6e823b1fbcccefe5b04dcd2916a9765cc1b62fd0af07fddbf1defc7e15943a04bc4594f626ea97866833
SSDEEP

768:0Rviavs7+c+H9mQYqzP637Hruh7ne2fWeqptXuxXcX1bT4AIUSh:0RqavVc+H9fY137HrlKWfuxm1bT40u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebc978529ca612744951864e687132bf_JaffaCakes118

Files

ebc978529ca612744951864e687132bf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8a617f7c4956d14bce8fa5740b30c0bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

J:\DiYjSo\ehgpDDQe\XmzjoU\exqWcs.pdb

Imports

gdi32

GetTextAlign
CreateFontW
RoundRect
CreateRoundRectRgn
PtVisible
GetTextFaceW
WidenPath
EndDoc

kernel32

lstrlenW
lstrcpynA
GetVersionExA
GetTimeZoneInformation
GetFileInformationByHandle
GlobalReAlloc
SetHandleCount
lstrlenA
GetTempFileNameA
GlobalGetAtomNameA
CloseHandle
GetThreadPriority
HeapDestroy

user32

CharToOemBuffA
GetNextDlgGroupItem
GetQueueStatus
InSendMessage
wsprintfA
InternalGetWindowText
DispatchMessageW
SetScrollPos
FindWindowW
SetCaretPos
CreateDialogParamA
FindWindowA

Exports

Exports

?bocwSqntczzHA@@YGKPAEM@Z
?vzqynErnkepwjdfQye@@YGMJ@Z
?cjlkjFnZnrriAvAuwk@@YGMPAM@Z
?arBPArXsKtrmWYp@@YGJM@Z
?byXclYripxmGud@@YGGKD@Z

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ