f3b8261e7b45594fc95edbb128c03767_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f3b8261e7b45594fc95edbb128c03767_JaffaCakes118
Size

165KB
MD5

f3b8261e7b45594fc95edbb128c03767
SHA1

4238d9efc121435de35613329e9ba5453a86d900
SHA256

7152201233fd830708fc3f78f06534fe3f63acf58e1619da31b6a5ce80714285
SHA512

5ad0490e44565b4ecbdc2cd448806ea5745ce2601e89caeb601c0be971a103e4849d2a5f63b790cf1ec177527cb083f043925304c608aaab000158d281d9affd
SSDEEP

3072:hstqlDOl97O29ztFp+0WH9HQ3Zz8tjWgf1KNWMIU38ziZ:cnhO2FtDAHshgjW0cWMI2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3b8261e7b45594fc95edbb128c03767_JaffaCakes118

Files

f3b8261e7b45594fc95edbb128c03767_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df2160bed26f96c62bf4208ed6d3aa66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetDateFormatA
GetLastError
HeapAlloc
GetLastError
GetStdHandle
GetLastError
lstrcmpA
GetLastError
GetModuleHandleA
GetLastError
HeapFree
GetLastError
GlobalAlloc
GetLastError
lstrcmpiA
GetLastError
lstrcpynA
GetLastError
GetStringTypeW

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegReplaceKeyA
RegDeleteValueW
RegEnumValueW
RegGetKeySecurity
RegReplaceKeyW
RegEnumKeyW
RegLoadKeyW
RegQueryInfoKeyA
RegOpenKeyW
RegCreateKeyExW
RegQueryValueExA
RegDeleteValueA
RegQueryValueA
RegEnumKeyExW
RegFlushKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegLoadKeyA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegQueryValueW
RegCreateKeyW
RegOpenKeyExA
RegLoadKeyA
RegQueryInfoKeyA
RegLoadKeyW
RegQueryValueW
RegDeleteValueW
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyW
RegDeleteValueA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExW
RegCreateKeyW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyA
RegDeleteKeyA
RegEnumValueA
RegOpenKeyW
RegDeleteKeyW
RegEnumValueW
RegReplaceKeyW
RegFlushKey
RegEnumKeyW
RegQueryValueExW
RegGetKeySecurity
RegReplaceKeyA
RegQueryValueExA
RegEnumKeyA

user32

DrawTextA
GetWindowTextA
LoadCursorA
DrawIconEx
GetDC
CopyImage
AppendMenuA
LoadMenuA
IsMenu
AlignRects
BlockInput
CopyRect
DrawTextW
CopyIcon
GetDlgItem
CloseWindow
CreateIcon
GetWindowTextLengthA
GetFocus
GetCursor
DialogBoxParamA
AppendMenuW
EndDialog
CalcMenuBar
InsertMenuA
DrawIcon
DialogBoxParamW
IsWindow
GetMenu

Sections

.te9t
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rda8a
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eda9a
Size: 11KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i25ta
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df2160bed26f96c62bf4208ed6d3aa66

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.te9t Size: 10KB - Virtual size: 10KB

.rda8a Size: 130KB - Virtual size: 130KB

.eda9a Size: 11KB - Virtual size: 205KB

.i25ta Size: 9KB - Virtual size: 8KB

.te9t
Size: 10KB - Virtual size: 10KB

.rda8a
Size: 130KB - Virtual size: 130KB

.eda9a
Size: 11KB - Virtual size: 205KB

.i25ta
Size: 9KB - Virtual size: 8KB