2ecab180d01f214390598508e86e1620_JaffaCakes118

General

Target

2ecab180d01f214390598508e86e1620_JaffaCakes118
Size

84KB
MD5

2ecab180d01f214390598508e86e1620
SHA1

dd98f4ab5cfb826c4791ff519754224e420f0fcf
SHA256

adc1121b453807455f0e571384dcfc2ea5ce388e39bb99924d1053037d46cb0e
SHA512

222fe9460645617bb2531380deb7c741b1bcdb1fbffda39433cc976477a5b7e5ca50f450f7681d44175cb77a428997b158c2112bc3d93e29d9a875f82d1a25ce
SSDEEP

1536:rukFnkjJa6q14sgiO3HVXGO8LZLoGjxK8:qi9Jgio14Lhv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ecab180d01f214390598508e86e1620_JaffaCakes118

Files

2ecab180d01f214390598508e86e1620_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ba27f20e93ace63aec2158b5ffdfa99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegGetKeySecurity
RegLoadKeyA
RegEnumValueW
RegReplaceKeyW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegLoadKeyW
RegEnumValueA
RegOpenKeyW
RegReplaceKeyA
RegQueryInfoKeyW
RegEnumKeyExA
RegEnumKeyW

kernel32

GetStringTypeW
GlobalAlloc
lstrcmpA
HeapFree
GetFullPathNameA
GetModuleHandleA
lstrlenA
GetFileAttributesA
SetLastError
GetLocalTime
GetStdHandle
lstrcatA
Sleep
GlobalFree
GetCPInfo
GetLastError
DeleteFileA
lstrcmpiA
GetCommandLineA

comctl32

ImageList_LoadImageA
ImageList_Remove
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Destroy
ImageList_EndDrag
ImageList_BeginDrag
InitCommonControls
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_Copy
ImageList_Create
ImageList_GetIconSize
ImageList_DrawEx
ImageList_DragMove
ImageList_Replace

user32

BlockInput
DrawTextW
AppendMenuW
EndDialog
DialogBoxParamA
CopyIcon
AppendMenuA
DrawIconEx
GetCursor
GetWindowTextA
CloseWindow
CopyRect
AlignRects
GetMenu
DialogBoxParamW
InsertMenuA
LoadCursorA
DrawIcon

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 561B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ba27f20e93ace63aec2158b5ffdfa99

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

user32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 64KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 66KB

.rsrc Size: 4KB - Virtual size: 561B

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 64KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 66KB

.rsrc
Size: 4KB - Virtual size: 561B