297fa604414020bd9e7dece2e759b2f3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

297fa604414020bd9e7dece2e759b2f3_JaffaCakes118
Size

1.4MB
MD5

297fa604414020bd9e7dece2e759b2f3
SHA1

c7b32ef6d6622e656b0517cbe0ad178e7198b0d5
SHA256

84c5d7c5d86e2c08f31028d777717a0b4c76cd8adfedb50745d49323943362a9
SHA512

6b25772345fd3ca68be45c04b6c1de079cdbfa4ede15a49d6163f01b8ab40551d514d90d4991da7d0b513f8ea79b0a48a0731643d2f66ffbd1033825354de66d
SSDEEP

24576:iAe5yPaGeI1x7pyaldinqeG8AADlEr3JAwgLtnkyWmk45nux/UQ0qdnegcL:v5aGeIvpyMdiqebxEr3JAwgLtkyWmk4b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
297fa604414020bd9e7dece2e759b2f3_JaffaCakes118

Files

297fa604414020bd9e7dece2e759b2f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cce7d65b3fffb0497dbfaf6368b10569

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageCount
ImageList_Replace
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_Remove
ImageList_GetIcon
ImageList_LoadImage
ImageList_ReplaceIcon
ImageList_Copy
ImageList_DragLeave
ImageList_BeginDrag
ImageList_AddIcon
ImageList_GetDragImage
ImageList_DragMove
ImageList_Merge
ImageList_DrawEx
ImageList_Draw
ImageList_Read
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_DragShowNolock
ImageList_Remove
ImageList_GetIcon
ImageList_Destroy
ImageList_DragMove
InitCommonControls
ImageList_DragLeave
ImageList_Create
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_GetIconSize
ImageList_LoadImage
ImageList_Merge
ImageList_LoadImageA
ImageList_DragEnter

user32

GetFocus
IsWindow
GetWindowTextLengthA
LoadCursorA
AppendMenuW
DrawIcon
DrawTextW
CopyRect
GetWindowTextA
DialogBoxParamW
AppendMenuA
BlockInput
CalcMenuBar
GetCursor
CopyImage
DrawIconEx
LoadMenuA

kernel32

GlobalFree
FindAtomA
FindFirstFileA
SetLastError
GetLastError
OpenFileMappingA
CopyFileExW
GetCommandLineA
ReadConsoleA
GetFileTime
DeleteFileA
ExitThread
CreateDirectoryA
GetComputerNameA
WriteFile
CreateThread
DeleteFileA
CreateProcessA
ReadConsoleA
FindAtomA
GetCommandLineA
CreateDirectoryA
OpenFile
CopyFileA
GetComputerNameA
DeleteAtom
ExitThread
GetLastError
SetLastError
Sleep
GetConsoleMode
WriteFile
CopyFileExW
DeleteAtom
CopyFileExW
DeleteFileA
CreateProcessA
ReadFile
CreateThread
GetComputerNameA
GlobalFree
WriteFile
DeleteFileW
GetStdHandle
GetLastError
CopyFileW
GetFileSize
GetCPInfo
ExitThread
CopyFileExA
OpenFile
GetFileTime

Sections

.text
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 871B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cce7d65b3fffb0497dbfaf6368b10569

Headers

File Characteristics

Imports

comctl32

user32

kernel32

Sections

.text Size: 196KB - Virtual size: 194KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 1.2MB - Virtual size: 4.5MB

.tls Size: 4KB - Virtual size: 87B

.rdata Size: 4KB - Virtual size: 24B

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 871B

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 196KB - Virtual size: 194KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 1.2MB - Virtual size: 4.5MB

.tls
Size: 4KB - Virtual size: 87B

.rdata
Size: 4KB - Virtual size: 24B

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 871B

.rsrc
Size: 24KB - Virtual size: 23KB