JaffaCakes118_8af1d340b454a1be3badaca66cbe8b2b

General

Target

JaffaCakes118_8af1d340b454a1be3badaca66cbe8b2b
Size

182KB
MD5

8af1d340b454a1be3badaca66cbe8b2b
SHA1

be3bf8fe4de5cba24c3ed16e02dbd8c721db26a9
SHA256

e6be7b1924d058804c0a7bfc5183a5fdc99acf1df65d36102889eab28ef5fcc2
SHA512

ef9b1ab17a2f0e002e45fb701fed82a155c2b49d2e22730c07a5f301d7145bde5d7a94b4e1e3938ce5ae7bb10987af0ffa1591988972ecd4a9ac50dad384a0cb
SSDEEP

3072:ODo/CKXbDkeyQhR248wB90FCIre9d8Xp2vd1bI/HcqiEY:ODo/Cleyc44Z07re9wpEd1c/bC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_8af1d340b454a1be3badaca66cbe8b2b

Files

JaffaCakes118_8af1d340b454a1be3badaca66cbe8b2b
.exe windows:5 windows x86 arch:x86

250219bc1e9ca76dd852f09c23e6643f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\eqrYi\DvGoj\ygaqw.pdb

Imports

gdi32

RectInRegion
CreateDCW
GetObjectA
RectVisible
GetROP2

shlwapi

ChrCmpIW
PathGetArgsA

msvcrt

strcpy
fread
time
islower
strcoll
mktime

kernel32

GetTempPathA
HeapValidate
OpenEventW
GetTickCount
GetThreadTimes
TerminateThread
WaitForSingleObject

user32

PostMessageW
ChildWindowFromPoint
GetActiveWindow
ShowWindowAsync
GetCaretBlinkTime
IsChild
DrawTextA
GetForegroundWindow
wvsprintfW
SetClassLongW
GetAsyncKeyState
SetFocus
GetKBCodePage
GetWindowLongW

comctl32

ImageList_Remove
ImageList_GetIconSize
CreateStatusWindowW

Exports

Exports

?OwYPwutky@@YGKGPAF@Z
?aOuRuQjnp@@YGMF@Z
?SeunOQHTipwTgvotas@@YGEE_N@Z
?ffuwrrKhKb@@YGXDPAM@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 152KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

250219bc1e9ca76dd852f09c23e6643f

Headers

File Characteristics

PDB Paths

Imports

gdi32

shlwapi

msvcrt

kernel32

user32

comctl32

Exports

Exports

Sections

.itext Size: 512B - Virtual size: 512B

DATA Size: 152KB - Virtual size: 232KB

CODE Size: 17KB - Virtual size: 17KB

.rdata Size: 1024B - Virtual size: 1024B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.itext
Size: 512B - Virtual size: 512B

DATA
Size: 152KB - Virtual size: 232KB

CODE
Size: 17KB - Virtual size: 17KB

.rdata
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB