fc56efb4fe04400a3542a34a35160ec8_JaffaCakes118

General

Target

fc56efb4fe04400a3542a34a35160ec8_JaffaCakes118
Size

41KB
MD5

fc56efb4fe04400a3542a34a35160ec8
SHA1

3b1bb7951ef768a2339fc3db1a90d17d96fb0c32
SHA256

36ce9ed243744124516213dfc5b7c4ffc16d7eaf85a33ffe9c02ea226769d721
SHA512

9c25218a27ad77d57d954ffaafe9309d2b622ffcc1a639cc4be8d90487af434f430f3d0fc6eef56aa4d22bdad796763f08a68e91324cb542dface08f12b4132f
SSDEEP

768:2CRa5PwPG7O4PjHM4x1+1BvhEj/vC/Htt69z7a:dQwObPjHDx121hOHyNt69z7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc56efb4fe04400a3542a34a35160ec8_JaffaCakes118

Files

fc56efb4fe04400a3542a34a35160ec8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb43e4199960a06a0fa49e70e3c43873

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
OpenFile
CreateProcessA
GetFileSize
CreateThread
GetComputerNameA
CopyFileExW
ReadConsoleA
DeleteAtom
ExitThread
GlobalFree
DeleteFileW
FindAtomA
GetStdHandle
GetCommandLineA
GetConsoleMode
CopyFileW
SetLastError
FindFirstFileA
CopyFileExA

comctl32

ImageList_DrawIndirect
ImageList_AddIcon
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_EndDrag
InitCommonControls
ImageList_DragLeave
ImageList_Copy
ImageList_Destroy
ImageList_Replace
ImageList_DragMove
ImageList_GetImageRect
ImageList_Create
ImageList_LoadImageW
ImageList_Remove
ImageList_LoadImage
ImageList_DragEnter
ImageList_Draw
ImageList_AddMasked
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_Read
ImageList_GetIcon
ImageList_Merge

advapi32

RegEnumValueA
RegOpenKeyExW
RegOpenKeyA
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyA
RegReplaceKeyW
RegDeleteKeyA
RegReplaceKeyA
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueA
RegQueryValueW
RegOpenKeyExA
RegEnumKeyW
RegCreateKeyExW
RegEnumValueW
RegQueryValueExA

gdi32

AbortPath
GetCurrentPositionEx
GetPixel
AddFontResourceW
AddFontResourceExW
CancelDC
SetTextColor
BeginPath
GetBrushOrgEx
BitBlt
ExtTextOutA
CopyMetaFileA
ClearBitmapAttributes
GetClipBox
AddFontResourceTracking
CloseFigure
AddFontResourceExA
AddFontMemResourceEx
RestoreDC
GetDCOrgEx

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb43e4199960a06a0fa49e70e3c43873

Headers

File Characteristics

Imports

kernel32

comctl32

advapi32

gdi32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 32KB - Virtual size: 270KB

.rsrc Size: 512B - Virtual size: 418B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 32KB - Virtual size: 270KB

.rsrc
Size: 512B - Virtual size: 418B