fe3f8056d5bc3e0441e075a12759ceb0_JaffaCakes118

General

Target

fe3f8056d5bc3e0441e075a12759ceb0_JaffaCakes118
Size

97KB
MD5

fe3f8056d5bc3e0441e075a12759ceb0
SHA1

4978a39e832beca4d5b0adda6116cef6b868a1ae
SHA256

39c64e965a87468c75298b1921f030b2ae5bb94732ae0099ce2ca7dfdbfedba2
SHA512

b4cb5de65b6e6fc31983caa26392ccdc709388e37cda1c4c8cd5e3d0c2598450b409c9a98ffcfe103519161bfaefd9fdc95afba7387c0ce3e94df8efffb474a4
SSDEEP

3072:BVmRn4g9d3EY2YsX0TUbP5b5VVcn0NFUz:Bw9d3EYOETEP/g0Niz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe3f8056d5bc3e0441e075a12759ceb0_JaffaCakes118

Files

fe3f8056d5bc3e0441e075a12759ceb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6e93f13551d8baeb017ee5b98a3f9bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
lstrcatA
lstrcpyA
HeapAlloc
GlobalFree
GetCommandLineA
Sleep
GetFileType
HeapFree
GetStdHandle
SetLastError
GlobalAlloc
GetLocalTime
DeleteFileA
GetStringTypeA
WideCharToMultiByte
GetFileSize
GetDateFormatA
GetLastError
GetStringTypeW

advapi32

RegLoadKeyA
RegCreateKeyW
RegEnumKeyExW
RegOpenKeyExA
RegEnumKeyW
RegGetKeySecurity
RegOpenKeyW
RegQueryInfoKeyA
RegFlushKey
RegQueryValueExA
RegQueryInfoKeyW
RegDeleteValueA
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyA
RegQueryValueExW
RegQueryValueA

comctl32

ImageList_GetImageRect
ImageList_DragShowNolock
ImageList_Draw
ImageList_DragEnter
ImageList_DrawEx
ImageList_Merge
ImageList_DrawIndirect
ImageList_DragMove
ImageList_LoadImageA
ImageList_GetImageInfo
ImageList_Remove
ImageList_GetIcon
ImageList_GetDragImage
ImageList_LoadImage
ImageList_Copy
ImageList_ReplaceIcon

user32

InsertMenuA
GetWindowTextA
CopyIcon
GetDC
LoadMenuA
LoadCursorA
AppendMenuW
CopyImage
CalcMenuBar
DrawIcon
CreateIcon
GetMenu
DialogBoxParamW
AlignRects
BlockInput
EndDialog

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.odata
Size: 7KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tAIQJA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6e93f13551d8baeb017ee5b98a3f9bc

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

Sections

.text Size: 14KB - Virtual size: 13KB

.pdata Size: 68KB - Virtual size: 68KB

.odata Size: 7KB - Virtual size: 125KB

.tAIQJA Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.pdata
Size: 68KB - Virtual size: 68KB

.odata
Size: 7KB - Virtual size: 125KB

.tAIQJA
Size: 3KB - Virtual size: 2KB