f06afb57e1c0de2576995d7b83ee3fbd_JaffaCakes118

General

Target

f06afb57e1c0de2576995d7b83ee3fbd_JaffaCakes118
Size

81KB
MD5

f06afb57e1c0de2576995d7b83ee3fbd
SHA1

096a0fa164d0a321eee7d16566a1910f20131fa5
SHA256

d4622f4182ec36ba182b6188fb2db2734d1afd306c68f83931a4ce017e6ab844
SHA512

7135b7de0f897ce6c0f506192fb0d7f082969128ea860f24ad00a969e0d35321b6edd14df2871992f3c9dd27225c0904096aeb951f1b6065d2cd0bf6de5e5895
SSDEEP

1536:apbwiYUEsH1CT4JE89exS0Xin0o2AteJbIzTsFdW:QbwD+1AU9e0kW0oPWbIzTsFdW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f06afb57e1c0de2576995d7b83ee3fbd_JaffaCakes118

Files

f06afb57e1c0de2576995d7b83ee3fbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5eed596fd945af7b264d791fe02635ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
lstrcpyA
GetACP
FreeLibrary
GetACP
lstrcatA
GetACP
ExitProcess
GetACP
GetCommandLineA
GetACP
lstrcpynA
GetACP
GetLastError
GetACP
GetStdHandle
GetACP
GetCPInfo
GetACP
GetConsoleCP
GetModuleFileNameA
lstrcmpA
GetDateFormatA
lstrcpyA
GetLocalTime
lstrlenA
lstrcmpiA
GlobalFree
GetStringTypeA
GetFileAttributesA
GetLastError
GetModuleHandleA
lstrcatA
GetCPInfo
Sleep
GetStringTypeW
lstrcpynA
GetFileSize
WideCharToMultiByte

advapi32

RegLoadKeyA
RegReplaceKeyA
RegCreateKeyExA
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegOpenKeyA
RegDeleteKeyW
RegQueryValueExA
RegEnumKeyA
RegDeleteValueW
RegOpenKeyExW
RegQueryValueA
RegQueryValueW
RegDeleteValueA
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyW
RegFlushKey

user32

DialogBoxParamA
EndDialog
GetWindowTextLengthA
LoadMenuA
DrawIcon
CalcMenuBar
GetMenu
AppendMenuA
LoadCursorA
CopyImage
CopyRect
CopyIcon
CreateIcon
IsWindow
DrawIconEx
AppendMenuW
DrawTextW
AlignRects
GetFocus
InsertMenuA

Sections

.tadt
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.raata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eddaa
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bas
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ

.rddc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5eed596fd945af7b264d791fe02635ea

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.tadt Size: 10KB - Virtual size: 10KB

.raata Size: 46KB - Virtual size: 45KB

.eddaa Size: 10KB - Virtual size: 14KB

.bas Size: - Virtual size: 3KB

.rddc Size: 9KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 4KB

.tadt
Size: 10KB - Virtual size: 10KB

.raata
Size: 46KB - Virtual size: 45KB

.eddaa
Size: 10KB - Virtual size: 14KB

.bas
Size: - Virtual size: 3KB

.rddc
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 4KB