f639cd8d2c47eea34e16091aea523f8d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f639cd8d2c47eea34e16091aea523f8d_JaffaCakes118
Size

128KB
MD5

f639cd8d2c47eea34e16091aea523f8d
SHA1

4b5104ed11888c917c8328fda00858a9b8090f8b
SHA256

aca3f9beae30cc1cff072c9438e406bcd51aacd797e5824fc8f027ddd9467f9c
SHA512

f4c869a4a67431b0a0136d01a5456456bd191adfef3bfa4af92c235204a7980761b9f4292325dd988b4c1f33351e9369c9b8d84458e7278bb1953c191b6c2a9c
SSDEEP

3072:4vh5lwOqep1UIlUPBULSxTslsDWUJbco+:gh5lx1sPBULcMsDzJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f639cd8d2c47eea34e16091aea523f8d_JaffaCakes118

Files

f639cd8d2c47eea34e16091aea523f8d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99a27cacad57845ba16a73b5f43aea1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
ReadConsoleW
GetFileTime
DeleteAtom
GlobalFree
ReadConsoleA
OpenFileMappingA
Sleep
GetCommandLineA
CopyFileExA
WriteFile
FindFirstFileA
GetFileSize
CopyFileExW
ExitThread
DeleteFileA
GetStdHandle
CopyFileW
SetLastError
GetConsoleMode
GetLastError
GetFileSize
ReadFile
GetLastError
CreateThread
Sleep
GetStdHandle
DeleteAtom
CopyFileA
SetLastError
GetComputerNameA
FindFirstFileA
CopyFileW
ReadConsoleW
GlobalFree
OpenFile
GetFileTime
CreateDirectoryA
CopyFileExA
FindFirstFileA
GetFileSize
ExitThread
GetConsoleMode
GetCommandLineA
ReadFile
DeleteAtom
GlobalFree
SetLastError
CreateDirectoryA
GetComputerNameA
GetCPInfo
OpenFile
Sleep
FindAtomA
DeleteFileA
GetLastError
GetFileTime
DeleteFileW

user32

GetDlgItem
CloseWindow
DrawIcon
CopyImage
GetMenu
CreateIcon
DialogBoxParamA
GetWindowTextLengthA
DrawTextA
GetFocus
IsWindow
GetWindowTextA
DialogBoxParamW
CopyIcon
AlignRects
BlockInput
CalcMenuBar
IsMenu
DrawIconEx
DrawTextW
CopyRect
GetDC
CreateIcon
LoadMenuA
IsWindow
GetDC
CopyImage
DrawIcon
DialogBoxParamW
CopyIcon
AlignRects
CopyRect
GetCursor
CalcMenuBar
GetFocus
BlockInput
AppendMenuW
InsertMenuA

advapi32

RegReplaceKeyW
RegDeleteKeyW
RegOpenKeyA
RegLoadKeyW
RegCreateKeyW
RegCreateKeyExA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExW
RegDeleteValueW
RegQueryValueA
RegQueryValueExA
RegQueryValueW
RegEnumKeyW
RegQueryInfoKeyW
RegEnumValueA
RegCreateKeyExW

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 495B

IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99a27cacad57845ba16a73b5f43aea1e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 8KB - Virtual size: 5KB

.data Size: 96KB - Virtual size: 2.3MB

.tls Size: 4KB - Virtual size: 52B

.rdata Size: 4KB - Virtual size: 24B

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 495B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 5KB

.data
Size: 96KB - Virtual size: 2.3MB

.tls
Size: 4KB - Virtual size: 52B

.rdata
Size: 4KB - Virtual size: 24B

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 495B

.rsrc
Size: 4KB - Virtual size: 3KB