f05805bf1ca861b55988f0a7db62e6d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f05805bf1ca861b55988f0a7db62e6d2_JaffaCakes118
Size

87KB
MD5

f05805bf1ca861b55988f0a7db62e6d2
SHA1

87ea24b853fe6c0a6b237aba6fe1d85b5724322c
SHA256

77e72d82f552c081c96e2bd006d298039c337ae7792fe19c688b1e5124a88579
SHA512

c3004d8302f843c4eebb45760f4ebd7bce465ba8f1255dee4a93070f75285272b0459ea4477554fc164d1aeca297c68e421b8da0168ac7916abed09034be5732
SSDEEP

1536:vxTePoMsQ/Q/k7iwMBy0GN8Zpm/VXVdErzTlPm:vp4obo0VpoVDEvTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f05805bf1ca861b55988f0a7db62e6d2_JaffaCakes118

Files

f05805bf1ca861b55988f0a7db62e6d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9516c748dd3070d94d1e8963603ed75e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetLogicalDrives
GetFileAttributesA
WideCharToMultiByte
GlobalFree
GetFileSize
GetLastError
DeleteFileA
HeapFree
GetOEMCP
GetFileType
GetModuleFileNameA
GetCommandLineA
lstrcmpiA
GetCPInfo
lstrcmpA
HeapAlloc
FreeLibrary
lstrcpyA
lstrcatA
GetModuleHandleA
FreeConsole
GetLocalTime
FreeConsole
GetStringTypeA
FreeConsole
GetLastError
FreeConsole
lstrcatA
FreeConsole
GlobalAlloc
FreeConsole
GetLogicalDrives
FreeConsole
GetCPInfo
FreeConsole
GetFileSize
FreeConsole
GetCommandLineW
FreeConsole

user32

BlockInput
GetFocus
CloseWindow
IsMenu
DialogBoxParamW
AppendMenuA
AlignRects
GetDlgItem
DialogBoxParamA
CopyRect
GetMenu
DrawIcon
IsWindow
CalcMenuBar
LoadMenuA
CopyIcon
CopyImage
DrawIconEx

advapi32

RegOpenKeyW
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyExW
RegDeleteKeyW
RegEnumValueA
RegCreateKeyExW
RegOpenKeyA
RegEnumKeyExW
RegDeleteValueA
RegGetKeySecurity
RegEnumKeyW
RegEnumValueW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryInfoKeyA
RegDeleteValueW

Sections

.tdxt
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdaaa
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.raaoc
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idaaa
Size: 3KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9516c748dd3070d94d1e8963603ed75e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.tdxt Size: 18KB - Virtual size: 18KB

.rdaaa Size: 45KB - Virtual size: 45KB

.edata Size: 11KB - Virtual size: 26KB

.raaoc Size: 4KB - Virtual size: 7KB

.idaaa Size: 3KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 4KB

.tdxt
Size: 18KB - Virtual size: 18KB

.rdaaa
Size: 45KB - Virtual size: 45KB

.edata
Size: 11KB - Virtual size: 26KB

.raaoc
Size: 4KB - Virtual size: 7KB

.idaaa
Size: 3KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 4KB