1887a2d287ffd5b2ac00c7aa3b6d9474_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1887a2d287ffd5b2ac00c7aa3b6d9474_JaffaCakes118
Size

59KB
MD5

1887a2d287ffd5b2ac00c7aa3b6d9474
SHA1

9013451de55464c2573aab0e953838dd05c78f4f
SHA256

9a40edd2ac2807c0bf038ed7be52b86b2c5678dc00899e2f28677d18cac1eff2
SHA512

d58277f7d5ff9720e55fe03df3c2e3d8555646f7d3fb6929f9cf5f64fe8925fbc1e474d6ae8b9b17edeee49e4eb9fa08aad914351335cc6226f6339ac3892d1d
SSDEEP

1536:AXMMMbR1Zkey9ARTWgxaXHKU8Ji5yzfLhQL7XiFLCu2GU4mEYg:AXMMM1v3PRZ4XP+SKl6GFL92Fg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1887a2d287ffd5b2ac00c7aa3b6d9474_JaffaCakes118

Files

1887a2d287ffd5b2ac00c7aa3b6d9474_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25d4a444137a9229bf42ff5c19193198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
WriteFile
CopyFileA
ReadConsoleA
DeleteFileW
DeleteFileA
CopyFileW
CopyFileExW
CopyFileExA
GetFileTime
GetFileSize
CreateThread
CreateProcessA
GetLastError
GetCommandLineA
OpenFileMappingA
ReadFile
GetComputerNameA
DeleteAtom
SetLastError
CreateDirectoryA
OpenFile
FindFirstFileA
FindAtomA

advapi32

RegOpenKeyA
RegReplaceKeyA
RegQueryValueW
RegDeleteKeyA
RegEnumKeyExW
RegReplaceKeyW
RegOpenKeyExA
RegEnumValueW
RegCreateKeyW
RegQueryValueA
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyExW
RegLoadKeyW
RegDeleteKeyW
RegEnumKeyA
RegFlushKey
RegGetKeySecurity
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExA
RegEnumKeyW
RegDeleteValueA
RegLoadKeyA

gdi32

CloseMetaFile
ExcludeClipRect
AddFontResourceW
CloseFigure
DeleteObject
SetTextColor
GetBitmapBits
AddFontResourceExW
DeleteDC
CancelDC
CreateSolidBrush
BeginPath
ClearBitmapAttributes
GetBrushOrgEx
ClearBrushAttributes
AddFontMemResourceEx
AddFontResourceA

user32

DialogBoxParamA
InsertMenuA
BlockInput
DrawIconEx
IsMenu
GetWindowTextA
AppendMenuA
CopyImage
CopyIcon
IsWindow
DrawTextW
AlignRects
GetCursor
AppendMenuW
EndDialog
LoadCursorA
CloseWindow
GetFocus

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_GetImageInfo
ImageList_DragMove
ImageList_DragEnter
ImageList_GetIcon
ImageList_Draw
ImageList_EndDrag
ImageList_LoadImageW
ImageList_AddIcon
ImageList_GetIconSize
ImageList_LoadImage
ImageList_DrawEx
ImageList_DragLeave
ImageList_Create
ImageList_Merge
ImageList_Replace

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 287B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 453B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25d4a444137a9229bf42ff5c19193198

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 149KB

.rsrc Size: 512B - Virtual size: 287B

.reloc Size: - Virtual size: 453B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 149KB

.rsrc
Size: 512B - Virtual size: 287B

.reloc
Size: - Virtual size: 453B