fd8cde4fce2e930573f6b3370ce2dcd9_JaffaCakes118 | Triage

Sharing

General

Target

fd8cde4fce2e930573f6b3370ce2dcd9_JaffaCakes118
Size

55KB
MD5

fd8cde4fce2e930573f6b3370ce2dcd9
SHA1

a45eb2361c193aa767999451f8b8c12816e84755
SHA256

48c3962d596f544bb81ca9611ae05ff43dfd3ec75c25a14893bd8046bf65dde1
SHA512

4b025af9f8163f18cec4945a9fe3fef41952c22ce2b0c5c6e0f9ceaead8c2a1311441b647ba187f07aa4dce87f3198228df1be1ed517f1e11e96ecf18d57609d
SSDEEP

768:0mLo7/XN+cajNfgFBUTQ/vP5fLSNPRwWG4YCvV2PiD7CXuxXcX1Sh0wNl1W5NEkn:0jDd+f5fgHCMvhfuPnGgU6DMuxm1S4n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd8cde4fce2e930573f6b3370ce2dcd9_JaffaCakes118

Files

fd8cde4fce2e930573f6b3370ce2dcd9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d181ad176c934b41b6ad212499bfc3b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\Cwgw\xgovLrf\piffflue\zaktP.pdb

Imports

user32

DrawIcon
FindWindowW
MapDialogRect
FindWindowA
wsprintfA
SetTimer
GetDlgItem
ChildWindowFromPoint
GetQueueStatus
DefWindowProcW
IsCharAlphaW
EnumWindows
SetDlgItemTextW

kernel32

lstrcpynW
LocalLock
GetSystemDirectoryA
FoldStringW
HeapReAlloc
SetLocalTime
lstrlenA
SetCurrentDirectoryW
lstrlenW
GetModuleHandleW
ResumeThread
lstrcatA

gdi32

EnumFontFamiliesExW
CreateRoundRectRgn
CreateCompatibleBitmap
SetLayout
CreatePalette
SetViewportOrgEx
StretchBlt

Exports

Exports

?vdPiylfKhrjjmPWb@@YGPA_NH@Z
?BtkoTibrwANw@@YGXPADN@Z
?dpraPdDkoq@@YGMPAK@Z
?gatwhwVzTt@@YGMPAG@Z
?llssBYb@@YGPANPA_NPAK@Z
?wnGGbkKbeaJInfhrt@@YGPAGEK@Z

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ