1a4425e47032c09f4322633d46f86768_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a4425e47032c09f4322633d46f86768_JaffaCakes118
Size

80KB
MD5

1a4425e47032c09f4322633d46f86768
SHA1

1ece0e534d0227e29375228615ff135924d9afe2
SHA256

3de177a5f654f23bcff45694989c6f3287d58a22af98ab3034610c1b5010818a
SHA512

5457a82ee2dbf6070e10873716d6efbe1379261ba8d48010dc1469a555ce39f955d6123cd65786d044e1612a277305880559119e203b3ee911e273dec56c81cd
SSDEEP

768:xd6F6I+0FdllwkBryuPuf8cYDJfPFNmYKC63ZCPwBL+GusbF+CoYUC71P:x1ud7wZuaGJfPyGq+wB7sgTt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a4425e47032c09f4322633d46f86768_JaffaCakes118

Files

1a4425e47032c09f4322633d46f86768_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a7c4e5c0bb22f9d471c940ce5a79ccb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueA
RegQueryValueW
RegEnumKeyExA
RegDeleteKeyW
RegGetKeySecurity
RegDeleteKeyA
RegLoadKeyA
RegEnumKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyExA
RegEnumKeyA
RegReplaceKeyW
RegCreateKeyExA
RegDeleteValueW
RegOpenKeyExA
RegFlushKey
RegCreateKeyW
RegEnumKeyW
RegOpenKeyA
RegOpenKeyExW
RegLoadKeyA
RegDeleteKeyW
RegLoadKeyW
RegQueryValueA

kernel32

CopyFileA
CopyFileExA
ReadConsoleA
DeleteAtom
FindAtomA
Sleep
ExitThread
GetCommandLineA
GetComputerNameA
DeleteFileW
GetStdHandle
GetConsoleMode
CreateProcessA
GetConsoleMode
CopyFileExA
Sleep
OpenFile
DeleteFileW
GetFileSize
DeleteAtom
GetComputerNameA
DeleteFileA
WriteFile
CopyFileExW
GetLastError
GetStdHandle
DeleteFileA
WriteFile
CreateThread
OpenFileMappingA
Sleep
CopyFileExW
DeleteAtom
ReadFile
OpenFile
SetLastError
CopyFileW
CreateDirectoryA
GetFileTime
WriteFile
DeleteFileW
Sleep
CopyFileExA
CopyFileA
ReadFile
CopyFileW
ExitThread
CreateDirectoryA
ReadConsoleA

user32

IsMenu
DrawTextA
EndDialog
GetFocus
CopyRect
BlockInput
GetMenu
GetDC
AlignRects
LoadMenuA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sndata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a7c4e5c0bb22f9d471c940ce5a79ccb

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 2KB

.sndata Size: 52KB - Virtual size: 50KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 5KB

.idata Size: 4KB - Virtual size: 2KB

.edata Size: 4KB - Virtual size: 28KB

.text
Size: 4KB - Virtual size: 2KB

.sndata
Size: 52KB - Virtual size: 50KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 5KB

.idata
Size: 4KB - Virtual size: 2KB

.edata
Size: 4KB - Virtual size: 28KB