2f4fdd9acf807be1d299f08671076dd9_JaffaCakes118

General

Target

2f4fdd9acf807be1d299f08671076dd9_JaffaCakes118
Size

48KB
MD5

2f4fdd9acf807be1d299f08671076dd9
SHA1

6875aef45bdcb4f1919a2ee2168babd3f25d8da2
SHA256

af5fb8ba777045d989ea7655790670542a3542a59a18c44e57befe16d327bfa9
SHA512

68054fb27db69e9e229fb184b349141f37ea3f16765d68d6d22472582579ef08ce58525939a1996044aebc71b7d622990f41afd9b55995d2ee8a49094b33549f
SSDEEP

1536:kBPmMHcRStcT7Ua1mDPWdSgZqaJ/wyqHS:c7HcwyPU5rgZ5J/qHS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f4fdd9acf807be1d299f08671076dd9_JaffaCakes118

Files

2f4fdd9acf807be1d299f08671076dd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35c2295b61de5cab69c64f13f95e42ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
CreateFileA
GetStringTypeW
lstrcatA
SetHandleCount
lstrcpynA
GetACP
LCMapStringA
WriteFile
TerminateProcess
GetCurrentProcess
LCMapStringW
GetStringTypeA
GetOEMCP
GetVersion
GetCPInfo
MultiByteToWideChar
SetFilePointer
GetCommandLineA
GetModuleFileNameA
GetStdHandle
lstrcpyA
GetFileType
lstrcpynW

user32

CopyRect
DrawIcon
DrawIconEx
IsMenu
DrawTextW
GetFocus
InsertMenuA
CopyImage
IsWindow
GetMenu
CloseWindow
CopyIcon
GetWindowTextA
LoadCursorA
GetDlgItem
CreateIcon
EndDialog
GetCursor
DrawTextA
DialogBoxParamA
LoadMenuA
GetDC
GetWindowTextLengthA
DialogBoxParamW

comctl32

MenuHelp
InitCommonControls
DrawStatusText
ImageList_DragEnter
ImageList_GetIcon
ImageList_EndDrag
ImageList_GetIconSize
DllGetVersion
ImageList_Create
CreateToolbar

advapi32

RegEnumKeyW
RegSetValueW
RegCreateKeyExW
RegEnumKeyExA
RegQueryValueExW
RegEnumValueA
RegDeleteKeyW
RegQueryValueExA
RegQueryValueA
RegDeleteValueW

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 16.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35c2295b61de5cab69c64f13f95e42ff

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 42KB - Virtual size: 16.6MB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 42KB - Virtual size: 16.6MB