2a6b57479140ec2414615ad4829b0cf7_JaffaCakes118

General

Target

2a6b57479140ec2414615ad4829b0cf7_JaffaCakes118
Size

89KB
MD5

2a6b57479140ec2414615ad4829b0cf7
SHA1

3d9adf66d521542525b6b45699fd61fdcf6d1a0b
SHA256

9e92505c0c9ec6edf8bc4fc36c9e30396d7934a214581a8e20c93fcd4918c72b
SHA512

77d1b3093fcc39036e2bc1f34274bcb8e04171dea5d5f147e16bb8153e6d02d3a685b98f865098cb760d4ba8b225f2f5c3f4dac47501e7b5ebda367829c1394a
SSDEEP

1536:i1yhGafPgBQFRwoMbJT9AFWk+9EIegoY9eVDxxkgbU/jq:iwGafAoMbJTG/8EDgUVckU/2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a6b57479140ec2414615ad4829b0cf7_JaffaCakes118

Files

2a6b57479140ec2414615ad4829b0cf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

293546e42753098fc3e2dca75dc26cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
lstrcatA
GetCommandLineA
GetStdHandle
GetDateFormatA
lstrcpynA
DeleteFileA
FreeLibrary
GlobalFree
GetStringTypeA
lstrcmpA
lstrlenA
GetLocalTime
GetStringTypeW
lstrcpyA
CloseHandle
GetFileAttributesA
HeapAlloc
HeapFree

advapi32

RegOpenKeyW
RegReplaceKeyW
RegDeleteKeyA
RegFlushKey
RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueA
RegEnumKeyExA
RegEnumValueW
RegLoadKeyA
RegDeleteValueW
RegGetKeySecurity
RegOpenKeyExW
RegEnumKeyW
RegQueryValueExW
RegDeleteKeyW

user32

CloseWindow
GetWindowTextA
DrawTextW
EndDialog
AlignRects
GetWindowTextLengthA
CalcMenuBar
GetDC
InsertMenuA
DrawIcon
IsWindow
DrawIconEx
AppendMenuA
LoadCursorA
BlockInput
DrawTextA
CreateIcon
IsMenu

comctl32

ImageList_AddMasked
ImageList_DragMove
ImageList_GetIconSize
InitCommonControls
ImageList_Copy
ImageList_EndDrag
ImageList_LoadImageA
ImageList_Draw
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_Create
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Destroy
ImageList_Read
ImageList_Replace
ImageList_GetImageInfo
ImageList_Merge
ImageList_DragEnter
ImageList_Remove

Sections

.PEypE
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BpRCX
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aLwnl
Size: 512B - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mXQX
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

293546e42753098fc3e2dca75dc26cdf

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comctl32

Sections

.PEypE Size: 15KB - Virtual size: 14KB

.BpRCX Size: 67KB - Virtual size: 66KB

.aLwnl Size: 512B - Virtual size: 160KB

.mXQX Size: 2KB - Virtual size: 2KB

.PEypE
Size: 15KB - Virtual size: 14KB

.BpRCX
Size: 67KB - Virtual size: 66KB

.aLwnl
Size: 512B - Virtual size: 160KB

.mXQX
Size: 2KB - Virtual size: 2KB