102429d30a979550f112776905df6203_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

102429d30a979550f112776905df6203_JaffaCakes118
Size

132KB
MD5

102429d30a979550f112776905df6203
SHA1

2a44b323cf13590180a328cfab61f985cb3574c1
SHA256

bb6ff81f3aea4cc9d31f468065ab5f55a3c4983e78169afa28c42fe339e814d8
SHA512

9ccd46188839d89b12b11bfd943d6ba0f1c7c88de42058f48ee0b0715c0091c02f8e5e34c33875c0ae5ac2b935a219c818ec59d7e63c167f40e2049f23d279b0
SSDEEP

1536:Y4+1EFUDmhR8Amf7GlzooYR2oQ8Qu92l4Pt6XWsWC3q7VoagHJ:YvFDohmjGlzJoQru92lNXBDa7Voa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
102429d30a979550f112776905df6203_JaffaCakes118

Files

102429d30a979550f112776905df6203_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37cd2f9040c6b90bd6275389fde78bd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Copy
ImageList_GetImageRect
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_AddIcon
ImageList_Create
ImageList_DragLeave
ImageList_Read
ImageList_LoadImage
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Remove
ImageList_Replace
ImageList_Destroy
ImageList_DrawEx
ImageList_DragEnter

kernel32

DeleteFileW
OpenFileMappingA
GetConsoleMode
FindFirstFileA
CreateProcessA
FindAtomA
SetLastError
GetComputerNameA
ExitThread
DeleteFileA
GetCPInfo
CopyFileExW
GetFileTime
CreateThread
ReadConsoleA
GlobalFree
CopyFileExA
GetLastError
GetStdHandle
ReadFile
CopyFileW

gdi32

CancelDC
AddFontResourceExW
ClearBrushAttributes
CopyMetaFileA
DeleteDC
AddFontResourceTracking
DeleteObject
GetPixel
AddFontResourceW
CloseMetaFile
ClearBitmapAttributes
GetBrushOrgEx
SetTextColor
BitBlt
AddFontResourceExA
BeginPath
AddFontResourceA
GetPixel

advapi32

RegGetKeySecurity
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyW
RegEnumKeyA
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyW
RegCreateKeyW
RegReplaceKeyW
RegQueryValueW
RegEnumKeyW
RegCreateKeyExA
RegQueryValueExW
RegFlushKey
RegReplaceKeyW
RegQueryValueW
RegOpenKeyExA
RegGetKeySecurity
RegEnumKeyExA
RegCreateKeyW
RegQueryInfoKeyA
RegReplaceKeyA
RegLoadKeyW
RegOpenKeyW
RegCreateKeyExW
RegQueryValueA
RegDeleteValueA
RegEnumKeyExW
RegOpenKeyA
RegQueryInfoKeyW

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 76KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 115B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37cd2f9040c6b90bd6275389fde78bd4

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 76KB - Virtual size: 2.5MB

.tls Size: 4KB - Virtual size: 115B

.rdata Size: 4KB - Virtual size: 24B

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 76KB - Virtual size: 2.5MB

.tls
Size: 4KB - Virtual size: 115B

.rdata
Size: 4KB - Virtual size: 24B

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 20KB - Virtual size: 19KB