fe3fcb342dde7f6ebfbc85ff343c93cf_JaffaCakes118

General

Target

fe3fcb342dde7f6ebfbc85ff343c93cf_JaffaCakes118
Size

95KB
MD5

fe3fcb342dde7f6ebfbc85ff343c93cf
SHA1

99c12e82a7b28b9493ac40843db87d3faff65b3e
SHA256

409a1c97e09238ea6dc9ade638f5e4dc41bba629ca5bfd2325f6894a9834e79b
SHA512

d327f4d9b3fe9b7ba60fc85b8816ca8813931f79c838866f7bdb4f97e781cb56daf0712f9e2fc380a6614812dcae811c25b02f88ad185b230c8021c2213175d5
SSDEEP

1536:hs6aW0I5G5ud2T9GhMk2ldckedn9GSV1A7GaPabzDh+82j:LTA80pGGldcJdn9GMaPiJg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe3fcb342dde7f6ebfbc85ff343c93cf_JaffaCakes118

Files

fe3fcb342dde7f6ebfbc85ff343c93cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3268631b076e261d56a76ea996ab7fa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegDeleteKeyA
RegEnumValueA
RegEnumKeyExW
RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegDeleteValueA
RegFlushKey
RegEnumValueW
RegGetKeySecurity
RegOpenKeyA
RegQueryValueExW
RegCreateKeyExW
RegQueryValueA
RegQueryValueExA
RegDeleteKeyW
RegReplaceKeyW

user32

CopyRect
CopyIcon
DrawTextW
DialogBoxParamW
IsWindow
GetMenu
CalcMenuBar
InsertMenuA
AlignRects
DrawTextA
AppendMenuW
GetFocus
IsMenu
GetDlgItem
GetCursor
BlockInput
GetWindowTextLengthA
DrawIcon
GetDC
GetDlgItem
GetWindowTextA
LoadMenuA
GetMenu
DialogBoxParamW
DrawIcon
CalcMenuBar
InsertMenuA
CopyRect
IsMenu
AppendMenuW
CopyIcon
DrawIconEx
CloseWindow
LoadCursorA
AlignRects
DialogBoxParamA
AppendMenuA

kernel32

GetCPInfo
GetStringTypeA
GetStdHandle
lstrlenA
GetLastError
GetModuleFileNameA
Sleep
lstrcmpA
GetFileType
lstrcpynA
lstrcpyA
lstrcatA
CloseHandle
GetLocalTime
WideCharToMultiByte
lstrcmpiA
GlobalAlloc
GetDateFormatA
GetFileSize
GlobalFree

comctl32

InitCommonControls
ImageList_GetIcon
ImageList_BeginDrag
ImageList_LoadImageW
ImageList_DragLeave
ImageList_Destroy
ImageList_GetImageInfo
ImageList_Remove
ImageList_Replace
ImageList_AddMasked
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DragEnter
ImageList_AddIcon
ImageList_LoadImageA
ImageList_DragMove

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mQDacC
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3268631b076e261d56a76ea996ab7fa5

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

.text Size: 14KB - Virtual size: 13KB

.tdata Size: 69KB - Virtual size: 68KB

.ndata Size: 5KB - Virtual size: 72KB

.mQDacC Size: 2KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.tdata
Size: 69KB - Virtual size: 68KB

.ndata
Size: 5KB - Virtual size: 72KB

.mQDacC
Size: 2KB - Virtual size: 2KB