3208c7aa7b6d7760f1991ffa3f0e9617_JaffaCakes118

General

Target

3208c7aa7b6d7760f1991ffa3f0e9617_JaffaCakes118
Size

82KB
MD5

3208c7aa7b6d7760f1991ffa3f0e9617
SHA1

eff7ccc58b8c18ad9bb1feb2dd3ba2656d5c15ac
SHA256

353eda640626866b41fbdf64598b7b619166ffe6860a547fb2aa3c14cd45e034
SHA512

1e1c6c46634f7dea85de5b61579402ccba34fba3543a287596934afc2b35f199067550752bccf0e62e8619a8ce7d429c5010b43f448596620959266dd24e46b7
SSDEEP

1536:d//cDSpOxA1iM3fpMSyWVQglk8br4yE2sh6BQpR:d//c3A1imflyWVPfMFR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3208c7aa7b6d7760f1991ffa3f0e9617_JaffaCakes118

Files

3208c7aa7b6d7760f1991ffa3f0e9617_JaffaCakes118
.exe windows:4 windows x86 arch:x86

361d8b04be7f3e1610c52e999f8b4466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_AddMasked
ImageList_Destroy
ImageList_GetImageRect
ImageList_Remove
ImageList_DragLeave
ImageList_GetImageCount
ImageList_Read
ImageList_Merge
ImageList_DragMove
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_Draw
ImageList_DragShowNolock
ImageList_GetDragImage

user32

DrawTextA
CopyImage
DrawIcon
InsertMenuA
GetWindowTextLengthA
DrawTextW
LoadMenuA
EndDialog
CloseWindow
CopyIcon
IsMenu
CalcMenuBar
GetMenu
GetDlgItem
CopyRect
GetCursor

advapi32

RegQueryValueW
RegCreateKeyExW
RegReplaceKeyW
RegEnumKeyExW
RegEnumValueW
RegCreateKeyW
RegDeleteValueW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyW
RegFlushKey
RegDeleteKeyW
RegDeleteKeyA
RegEnumKeyExA
RegEnumKeyA
RegCreateKeyExA
RegQueryValueA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA

kernel32

CloseHandle
GetLocalTime
GetModuleFileNameA
GetFileSize
GetStringTypeW
FreeLibrary
lstrcmpA
GetFileType
lstrcpyA
GetFileAttributesA
HeapAlloc
GlobalFree
HeapFree
lstrlenA
SetLastError
GetStringTypeA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 1024B - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GhrgmJ
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lgKVvA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

361d8b04be7f3e1610c52e999f8b4466

Headers

File Characteristics

Imports

comctl32

user32

advapi32

kernel32

Sections

.text Size: 6KB - Virtual size: 5KB

.idata Size: 67KB - Virtual size: 67KB

.qdata Size: 1024B - Virtual size: 98KB

.GhrgmJ Size: - Virtual size: 1KB

.lgKVvA Size: 3KB - Virtual size: 3KB

.text
Size: 6KB - Virtual size: 5KB

.idata
Size: 67KB - Virtual size: 67KB

.qdata
Size: 1024B - Virtual size: 98KB

.GhrgmJ
Size: - Virtual size: 1KB

.lgKVvA
Size: 3KB - Virtual size: 3KB