0d468ab020f71970f71684e227d5b7fc_JaffaCakes118

General

Target

0d468ab020f71970f71684e227d5b7fc_JaffaCakes118
Size

48KB
MD5

0d468ab020f71970f71684e227d5b7fc
SHA1

6d01ab2c6c92c04f7d205083a759bb8f32edfd44
SHA256

993c809f4e4dc65903710f44c8b414c048e164ccaccd5fd6a8ca2eb577d17660
SHA512

fc9e2ff5b2f38b814798503d72143c4aa6acf572a6eb014aacb95525323a96bc19bf1e5c6645af98522a617c3fc9ce4b5bcfdc672c49d991f4f6c0f7f5d9d4d0
SSDEEP

768:IRVosbzL2hBy2B3DTR16tERYOvXwVI4flF4VAH:2XXsZB3nRWE2VI4f7GAH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d468ab020f71970f71684e227d5b7fc_JaffaCakes118

Files

0d468ab020f71970f71684e227d5b7fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

82273c7ef85618c79fabf76bd22ebcba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA
RegQueryValueW
RegEnumKeyExA
RegReplaceKeyA
RegReplaceKeyW
RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegEnumValueW
RegCreateKeyExW
RegEnumValueA
RegDeleteValueA
RegFlushKey
RegQueryInfoKeyA
RegGetKeySecurity
RegQueryValueExW
RegOpenKeyA
RegCreateKeyExA

user32

IsMenu
CreateIcon
GetDlgItem
BlockInput
LoadCursorA
DialogBoxParamW
GetFocus
GetWindowTextLengthA
DrawTextW
InsertMenuA
LoadMenuA
GetMenu
DialogBoxParamA
DrawIcon
GetCursor
AppendMenuW
EndDialog
GetDC
CloseWindow

kernel32

CreateDirectoryA
ReadFile
GlobalFree
FindAtomA
SetLastError
CopyFileW
DeleteFileW
ExitThread
CopyFileExA
GetStdHandle
GetLastError
FindFirstFileA
GetCPInfo
GetFileTime
GetFileSize
DeleteAtom
ReadConsoleA
OpenFile
GetComputerNameA

comctl32

ImageList_Create
ImageList_Replace
ImageList_DrawIndirect
ImageList_LoadImageW
ImageList_GetImageRect
ImageList_GetDragImage
ImageList_Destroy
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_Read
InitCommonControls
ImageList_Remove
ImageList_Copy

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82273c7ef85618c79fabf76bd22ebcba

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 37KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 2KB