326fc9e5e658d353f220ce3d02521c8b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

326fc9e5e658d353f220ce3d02521c8b_JaffaCakes118
Size

72KB
MD5

326fc9e5e658d353f220ce3d02521c8b
SHA1

51508c55d2ba09e110f410c03b80c552baa13219
SHA256

5572cfe571ac8dfeeeb062afccd0e65423aa0a840cdd024659d7e263851824bb
SHA512

97f64570b9d8f0e904b72565a334eba24cae943ec5a7cc6039eabd5699e65b61aa550629da5338e8376886345c1a9e80c5a72e8cd8bb924c4d927c0f8a9fafec
SSDEEP

1536:/2smFs/8abxWMXfUoRAGzOMp0VtwZLQ3vJHu:mGNHRAGb0wZLQ3vVu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
326fc9e5e658d353f220ce3d02521c8b_JaffaCakes118

Files

326fc9e5e658d353f220ce3d02521c8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

609a7c80d0cdaa27b7cf9a8a8ba800a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
DeleteFileW
ExitThread
GetLastError
ReadFile
DeleteAtom
CreateDirectoryA
GetCommandLineA
GetCPInfo
Sleep
GetFileTime
DeleteFileA
SetLastError
CopyFileA
OpenFileMappingA
OpenFile
CopyFileW
GetComputerNameA
WriteFile
FindAtomA

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegLoadKeyA
RegQueryValueA
RegEnumKeyA
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumValueW
RegDeleteValueA
RegQueryValueW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegOpenKeyExA
RegEnumKeyExW
RegLoadKeyW
RegFlushKey
RegQueryInfoKeyA

gdi32

AddFontMemResourceEx
CreateSolidBrush
GetPixel
GetPixel
ExcludeClipRect
CloseMetaFile
ClearBrushAttributes
CloseFigure
SetTextColor
AddFontResourceExW
GetBrushOrgEx
RestoreDC
CopyMetaFileA
DeleteObject
ClearBitmapAttributes
AddFontResourceExA
CancelDC
AbortPath
GetClipBox
BitBlt
AddFontResourceTracking

user32

GetDlgItem
EndDialog
CopyRect
GetCursor
DrawIconEx
GetWindowTextLengthA
GetDC
AlignRects
InsertMenuA
LoadCursorA
DialogBoxParamW
DialogBoxParamA
CopyIcon
AppendMenuW
GetMenu
CreateIcon
DrawTextA
CloseWindow
DrawTextW

comctl32

ImageList_Merge
ImageList_GetImageRect
ImageList_LoadImageA
ImageList_GetDragImage
ImageList_DragLeave
ImageList_LoadImage
ImageList_GetImageCount
ImageList_Destroy
ImageList_Read
ImageList_AddIcon
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetIcon
InitCommonControls
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_DrawIndirect
ImageList_DragMove
ImageList_LoadImageW
ImageList_Copy
ImageList_Draw

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

609a7c80d0cdaa27b7cf9a8a8ba800a3

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 62KB - Virtual size: 142KB

.reloc Size: - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 274B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 62KB - Virtual size: 142KB

.reloc
Size: - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 274B