0398be0331ae05f28f9673f776f67bae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0398be0331ae05f28f9673f776f67bae_JaffaCakes118
Size

108KB
MD5

0398be0331ae05f28f9673f776f67bae
SHA1

65a2d65f9dbdadc7a19e5262567361678a7e4427
SHA256

16129d06cbfbe3f07d977f28b1b5cbe6e507a0ac21fa0f4cefa7556eaa01fac9
SHA512

8cded3381b7f375e8a5bb21f62312e450b4ad0d31a197272a4b6adb023b18996606f0f99ea6f25a7d05cd53d5fe8b3d43cf024b74d6ccb9fd688f3e2119ec909
SSDEEP

1536:OmQEeYbVeYKFmKQnhSvUPOwK5JqIKiwEdXcSDsuSgwf:rQPYboYsmKQhVmnd3AXgw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0398be0331ae05f28f9673f776f67bae_JaffaCakes118

Files

0398be0331ae05f28f9673f776f67bae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99a8c920d34ec7cefeb6f04b342af165

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
ReadConsoleA
DeleteFileA
CreateProcessA
GetCommandLineA
CopyFileA
WriteFile
ExitThread
FindAtomA
CopyFileW
GetCPInfo
OpenFileMappingA
GlobalFree
CreateThread
GetLastError
CopyFileExW
ReadFile
OpenFileMappingA
DeleteFileA
GetCommandLineA
OpenFile
CreateProcessA
Sleep
GetCPInfo
GetFileSize
DeleteFileW
CopyFileExA
FindFirstFileA
GetStdHandle
FindAtomA
GetLastError
ReadConsoleA
SetLastError
OpenFile
CopyFileW
CreateProcessA
GetCPInfo
FindAtomA
GetConsoleMode
SetLastError
OpenFileMappingA
GetComputerNameA
CopyFileExW
WriteFile
OpenFileMappingA
GlobalFree
CreateThread
ExitThread
GetFileSize
GetStdHandle
WriteFile
CopyFileExA
CopyFileExW
FindAtomA
DeleteFileA
GetLastError
DeleteFileW

user32

GetWindowTextLengthA
InsertMenuA
GetDlgItem
DrawTextW
IsMenu
BlockInput
DrawIcon
CreateIcon
DrawTextA
CopyIcon
AlignRects
GetDC
IsWindow
LoadMenuA
DialogBoxParamW
GetMenu
IsWindow
DrawTextA
GetDC
CopyIcon
AlignRects
DialogBoxParamA
CopyImage
GetWindowTextLengthA
CreateIcon
AppendMenuW
CloseWindow
DrawIcon
DrawTextW
IsMenu
GetWindowTextA
GetCursor

advapi32

RegQueryInfoKeyA
RegEnumKeyExW
RegCreateKeyW
RegLoadKeyW
RegQueryValueExA
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegOpenKeyA
RegDeleteKeyW
RegEnumKeyW
RegDeleteValueW
RegEnumKeyA
RegOpenKeyExW
RegDeleteValueA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xgdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99a8c920d34ec7cefeb6f04b342af165

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

.xgdata Size: 80KB - Virtual size: 76KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 5KB

.idata Size: 4KB - Virtual size: 3KB

.edata Size: 4KB - Virtual size: 48KB

.text
Size: 4KB - Virtual size: 3KB

.xgdata
Size: 80KB - Virtual size: 76KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 5KB

.idata
Size: 4KB - Virtual size: 3KB

.edata
Size: 4KB - Virtual size: 48KB