fcb1cfc8a8d0c796e1f454acfbe105dc_JaffaCakes118

General

Target

fcb1cfc8a8d0c796e1f454acfbe105dc_JaffaCakes118
Size

77KB
MD5

fcb1cfc8a8d0c796e1f454acfbe105dc
SHA1

fc4fdfbec42e2ce3cd038e8ec54b6f84eba5f6b3
SHA256

859206cd2b591a13bd530e8e1054fe47a413ad8693d5f6d897543dc96a64e0d7
SHA512

0126cc00a911c7666aaf58fcd548506d31292b0b883d7811aa0c2a4f8c05dfff290110f17e43bd8d10ae4c25c40d27f07f7cb1c9684d8097b8c8526f649969b7
SSDEEP

1536:vFwi1ZsINXY8ixQE2TPnV0FYew/fw8J/pfaTFIg1PmWgnCQLfnnnv9WXclw:vFwi1ZY8lVPew/fw8bfaCEQLfnvsslw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcb1cfc8a8d0c796e1f454acfbe105dc_JaffaCakes118

Files

fcb1cfc8a8d0c796e1f454acfbe105dc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c57ae81d5e4c248fd0ba04264f00f0d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\SRov\fPcxC\OzKabveS\zYlp\kiuXLNFm.pdb

Imports

user32

DrawStateW
UnionRect
WindowFromPoint
wsprintfW
CopyRect
GetWindowContextHelpId
ClipCursor
TabbedTextOutW
SetWindowTextW
EnableMenuItem
InvalidateRgn
RemovePropW
DrawFrameControl

kernel32

CallNamedPipeW
SetLastError
GetCurrentThread
LocalFileTimeToFileTime
WaitCommEvent
CreateThread
CancelIo
AddAtomW
InterlockedIncrement
WaitForMultipleObjectsEx
GetAtomNameW
GetComputerNameA
GetStartupInfoA

gdi32

PolyBezier
CreateCompatibleDC
SetWindowOrgEx
LineDDA
DeleteDC
SelectObject
GetObjectW
CreateBitmap
SetWindowExtEx

Exports

Exports

?jSqYemPFcUrgoswr@@YGXPAGI@Z
?chrzAGdkpRbOsjAP@@YGXPAFPAE@Z
?CFZCrpwTnTxn@@YGDGD@Z
?KycZdzisNVqQatlzsQ@@YGFPAI@Z
?GygKpcbkcjpcyqCk@@YGPAMPAF@Z
?tecLJshsoZV@@YGPAHPAMN@Z
?cPqoPFuqsYZr@@YGPA_NEPAJ@Z

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c57ae81d5e4c248fd0ba04264f00f0d5

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 32KB

.itext Size: 512B - Virtual size: 152B

.rsrc Size: 31KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 99KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 32KB

.itext
Size: 512B - Virtual size: 152B

.rsrc
Size: 31KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 99KB

.reloc
Size: 4KB - Virtual size: 3KB