2d3898681bb1655eae078ab297aa8b51_JaffaCakes118

General

Target

2d3898681bb1655eae078ab297aa8b51_JaffaCakes118
Size

89KB
MD5

2d3898681bb1655eae078ab297aa8b51
SHA1

54c79161820813ac1b86a2ef091a8599c5c2fdb0
SHA256

2ce366192b3b03e3c14939159bc18042b96199a1e4ad287ad785dbb398e3f91b
SHA512

ba1a654ac52ee188dc677f3ad99918cc9a402990d44c3688c4de0fb11b6d8bc854a1c6c383718e02ce80b1c1a024042d672600f2a045da3fffad61fc5f3d9769
SSDEEP

1536:i1yhGafPgBQFRwoMbJT9AFWk+9EIegoY9eVDxxkgbU/jF:iwGafAoMbJTG/8EDgUVckU/x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d3898681bb1655eae078ab297aa8b51_JaffaCakes118

Files

2d3898681bb1655eae078ab297aa8b51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

293546e42753098fc3e2dca75dc26cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
lstrcatA
GetCommandLineA
GetStdHandle
GetDateFormatA
lstrcpynA
DeleteFileA
FreeLibrary
GlobalFree
GetStringTypeA
lstrcmpA
lstrlenA
GetLocalTime
GetStringTypeW
lstrcpyA
CloseHandle
GetFileAttributesA
HeapAlloc
HeapFree

advapi32

RegOpenKeyW
RegReplaceKeyW
RegDeleteKeyA
RegFlushKey
RegQueryInfoKeyW
RegCreateKeyExW
RegQueryValueA
RegEnumKeyExA
RegEnumValueW
RegLoadKeyA
RegDeleteValueW
RegGetKeySecurity
RegOpenKeyExW
RegEnumKeyW
RegQueryValueExW
RegDeleteKeyW

user32

CloseWindow
GetWindowTextA
DrawTextW
EndDialog
AlignRects
GetWindowTextLengthA
CalcMenuBar
GetDC
InsertMenuA
DrawIcon
IsWindow
DrawIconEx
AppendMenuA
LoadCursorA
BlockInput
DrawTextA
CreateIcon
IsMenu

comctl32

ImageList_AddMasked
ImageList_DragMove
ImageList_GetIconSize
InitCommonControls
ImageList_Copy
ImageList_EndDrag
ImageList_LoadImageA
ImageList_Draw
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_Create
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Destroy
ImageList_Read
ImageList_Replace
ImageList_GetImageInfo
ImageList_Merge
ImageList_DragEnter
ImageList_Remove

Sections

.PEypE
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BpRCX
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aLwnl
Size: 512B - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mXQX
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

293546e42753098fc3e2dca75dc26cdf

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comctl32

Sections

.PEypE Size: 15KB - Virtual size: 14KB

.BpRCX Size: 67KB - Virtual size: 66KB

.aLwnl Size: 512B - Virtual size: 160KB

.mXQX Size: 2KB - Virtual size: 2KB

.PEypE
Size: 15KB - Virtual size: 14KB

.BpRCX
Size: 67KB - Virtual size: 66KB

.aLwnl
Size: 512B - Virtual size: 160KB

.mXQX
Size: 2KB - Virtual size: 2KB