edeea2b8b2a6e9de437cf05e4039bbbe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

edeea2b8b2a6e9de437cf05e4039bbbe_JaffaCakes118
Size

80KB
MD5

edeea2b8b2a6e9de437cf05e4039bbbe
SHA1

0b8e62cceb74576b0e7ec9a60e83be9118112d05
SHA256

f40626226443f3909682a8409588803a7f3ff962359fe4a0ada6fdef508b0a4a
SHA512

0904410a32ef781139a0cdb4d4ddaa2d09f9a0a07a14e4de54678e779cd665f720f8536ac3dbbfc2d6c1b774d9e6fcd0fcf88d7d1cdff05739fa11568ee453b5
SSDEEP

1536:xxow+E1Y4/6+dEkkentiJwd73Ci+YI+7:fjztERetiw7p+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edeea2b8b2a6e9de437cf05e4039bbbe_JaffaCakes118

Files

edeea2b8b2a6e9de437cf05e4039bbbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

989afb8fc8407f0094e92d56bb5cdae7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyW
RegEnumKeyA
RegOpenKeyExA
RegReplaceKeyA
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyA
RegEnumValueA
RegQueryInfoKeyW
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyW
RegQueryInfoKeyA
RegGetKeySecurity
RegEnumValueW
RegLoadKeyW
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW

user32

AppendMenuA
DrawTextW
DialogBoxParamW
EndDialog
GetMenu
AppendMenuW
InsertMenuA
DrawIcon
BlockInput
GetDC
CopyImage
CopyIcon
CreateIcon
IsMenu
GetFocus
GetWindowTextLengthA

kernel32

SetLastError
GetFileTime
GetCPInfo
GetComputerNameA
OpenFile
GetCommandLineA
FindFirstFileA
DeleteFileA
GetConsoleMode
CopyFileW
OpenFileMappingA
DeleteFileW
GetFileSize
CopyFileExA
GetStdHandle
ExitThread
GetLastError
CreateThread
GlobalFree
CopyFileA

gdi32

AbortPath
GetClipBox
AddFontResourceExA
GetPixel
BeginPath
ExtTextOutA
GetBitmapBits
DeleteDC
GetPixel
AddFontResourceTracking
BitBlt
AddFontMemResourceEx
SetTextColor
AddFontResourceExW
AddFontResourceW
ClearBitmapAttributes

comctl32

ImageList_Draw
ImageList_LoadImageA
ImageList_DragMove
ImageList_Copy
ImageList_Destroy
ImageList_Replace
InitCommonControls
ImageList_GetImageRect
ImageList_GetIcon
ImageList_GetDragImage
ImageList_DrawIndirect
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_AddIcon
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_DragLeave

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 60KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

989afb8fc8407f0094e92d56bb5cdae7

Headers

File Characteristics

Imports

advapi32

user32

kernel32

gdi32

comctl32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 60KB - Virtual size: 196KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 60KB - Virtual size: 196KB

.rsrc
Size: 4KB - Virtual size: 2KB