00582dded6d8b19c0463d4f9072668e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00582dded6d8b19c0463d4f9072668e9_JaffaCakes118
Size

105KB
MD5

00582dded6d8b19c0463d4f9072668e9
SHA1

7bd54c516415f2f243bf690126750d3390ea385b
SHA256

d3f00769507fe4c70939254aa22919aca7a09ae09420984983fffd3fc86856e2
SHA512

c5532131d91f1e3f9bb29cec5f999c147975d3a775a7f852d0d96ff572c784f2915a7d8e9535e07a6f304446782646c5a7c529a9b89eba8613f066fafc7cff3a
SSDEEP

1536:p3M6QMihr0q/YAsBWpv11iw+Q3cLsQgO2OrCiNl1Wp5EfwI:p3zDgryAsQt1iw+Q3vQIOrCaWpGfr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00582dded6d8b19c0463d4f9072668e9_JaffaCakes118

Files

00582dded6d8b19c0463d4f9072668e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b54aff762cbdbc8f86ad1d5f9f0fb349

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegEnumKeyA
RegOpenKeyExA
RegLoadKeyA
RegReplaceKeyW
RegQueryValueA
RegQueryValueW
RegEnumValueW
RegReplaceKeyA
RegCreateKeyExA
RegLoadKeyA
RegQueryInfoKeyW
RegReplaceKeyA
RegEnumKeyA
RegOpenKeyW
RegGetKeySecurity
RegOpenKeyA
RegQueryValueExW
RegQueryInfoKeyA
RegLoadKeyW
RegQueryValueW
RegQueryValueA
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA
RegDeleteKeyW
RegCreateKeyW
RegCreateKeyExW

kernel32

GetCPInfo
SetLastError
CreateThread
OpenFile
ReadConsoleA
GetStdHandle
GetConsoleMode
WriteFile
GetComputerNameA
FindAtomA
GlobalFree
CopyFileA
GetFileSize

user32

GetWindowTextLengthA
DialogBoxParamA
GetDC
AppendMenuA
GetDlgItem
CloseWindow
CopyImage
GetMenu
DrawIcon
AppendMenuW
CalcMenuBar
DrawTextA

comctl32

ImageList_Draw
ImageList_EndDrag
ImageList_Destroy
ImageList_LoadImage
ImageList_Create
ImageList_DragMove
ImageList_LoadImageA
ImageList_GetImageInfo
ImageList_Remove
ImageList_GetImageCount
ImageList_Read
ImageList_DragLeave
InitCommonControls
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_Copy
ImageList_GetImageRect
ImageList_GetDragImage
ImageList_DragShowNolock

shell32

FreeIconList
ExtractIconExA
DragQueryFileA
FindExeDlgProc
SHUpdateImageA
DragQueryFile
CheckEscapesA
DragQueryFileAorW
DragFinish
ExtractIconResInfoA

gdi32

SetTextColor
AddFontMemResourceEx
CloseFigure
GetPixel
AddFontResourceA
DeleteDC
BeginPath
CreateSolidBrush
ClearBitmapAttributes
GetCurrentPositionEx
CopyMetaFileA
CancelDC
ClearBrushAttributes
AbortPath
DeleteObject
GetBrushOrgEx

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 58KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 50B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b54aff762cbdbc8f86ad1d5f9f0fb349

Headers

File Characteristics

Imports

advapi32

kernel32

user32

comctl32

shell32

gdi32

Sections

.text Size: 26KB - Virtual size: 26KB

.data Size: 72KB - Virtual size: 72KB

.bbs Size: - Virtual size: 58KB

.idata Size: 3KB - Virtual size: 3KB

.tls Size: - Virtual size: 50B

.rdata Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 516B

.text
Size: 26KB - Virtual size: 26KB

.data
Size: 72KB - Virtual size: 72KB

.bbs
Size: - Virtual size: 58KB

.idata
Size: 3KB - Virtual size: 3KB

.tls
Size: - Virtual size: 50B

.rdata
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 516B