f33c76337a9bd7544e9af5b467890e35_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f33c76337a9bd7544e9af5b467890e35_JaffaCakes118
Size

57KB
MD5

f33c76337a9bd7544e9af5b467890e35
SHA1

2a5029c91809cf3989136dc33b47363c8932ec5f
SHA256

6dcbb6e8253b1e74fc873bc47b59abfcdc9e48ba7347d48c47a9e2f1be048d80
SHA512

ab7178f1d2801b482504935e99ecc58aa024f2e34a82fd9077cdc61959f1845c37264c955d4eb5ce1106bf055e6cfa819ce4ebe35006f67e502ad3656a87242e
SSDEEP

1536:zTD0KH5pSaQl8fQsOm35+tFQhzgEK6aNVXIX19UeW:zTb5zQcQ25OopaN9fe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f33c76337a9bd7544e9af5b467890e35_JaffaCakes118

Files

f33c76337a9bd7544e9af5b467890e35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fe1ed9680b46f8ad29cd27cc033e0f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DrawIndirect
ImageList_LoadImageW
ImageList_Create
ImageList_DragLeave
InitCommonControls
ImageList_EndDrag
ImageList_LoadImageA
ImageList_DragShowNolock
ImageList_GetImageRect
ImageList_DragMove
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Replace
ImageList_Draw
ImageList_AddIcon
ImageList_LoadImage
ImageList_GetDragImage

kernel32

CopyFileExA
CreateProcessA
DeleteFileW
CreateDirectoryA
OpenFileMappingA
ExitThread
Sleep
DeleteFileA
OpenFile
GetStdHandle
CreateThread
WriteFile
CopyFileA
GetComputerNameA
GetCommandLineA
SetLastError
GetFileTime
GetCPInfo
GlobalFree
FindFirstFileA
ReadConsoleA
FindAtomA
CopyFileExW
ReadFile

user32

DrawIconEx
CopyRect
AppendMenuW
LoadMenuA
DrawTextW
LoadCursorA
InsertMenuA
BlockInput
DialogBoxParamW
CreateIcon
AlignRects
CopyIcon
CopyImage
GetDlgItem
AppendMenuA
GetCursor
GetFocus
IsWindow
GetMenu
GetDC
CalcMenuBar
EndDialog
GetWindowTextA
DrawTextA
DialogBoxParamA

advapi32

RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyA
RegQueryValueExA
RegLoadKeyA
RegQueryInfoKeyA
RegOpenKeyW
RegQueryInfoKeyW
RegOpenKeyA
RegCreateKeyW
RegOpenKeyExW
RegDeleteValueA
RegEnumValueW
RegEnumKeyExW
RegQueryValueExW
RegReplaceKeyW
RegEnumKeyA
RegGetKeySecurity
RegReplaceKeyA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegFlushKey
RegEnumValueA

gdi32

GetDCOrgEx
AddFontMemResourceEx
ExtTextOutA
RestoreDC
GetPixel
CloseFigure
GetCurrentPositionEx
AddFontResourceA
AddFontResourceExW
GetClipBox
CancelDC
CloseMetaFile
SetTextColor
AbortPath
DeleteDC
DeleteObject
ClearBitmapAttributes
GetPixel

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fe1ed9680b46f8ad29cd27cc033e0f2

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

gdi32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 49KB - Virtual size: 126KB

.rsrc Size: 512B - Virtual size: 440B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 49KB - Virtual size: 126KB

.rsrc
Size: 512B - Virtual size: 440B