354482fd41b1f46d8229a1d24b9e8318_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

354482fd41b1f46d8229a1d24b9e8318_JaffaCakes118
Size

72KB
MD5

354482fd41b1f46d8229a1d24b9e8318
SHA1

fcbbcb0e74c14437e6a498071d7f8bfc11a5d9de
SHA256

c841702f81b58be0b8c29944d694991a9dd150b304b9bb331dc03d77f2e80470
SHA512

4d49bb234eafaf6cf80ccd1bf17a57db82654af7fae8aa10a5bdcf2b2883b6e1648136104e8d73f94f8b6079cccd6275f4b9d7a9277e9f60abea780acffaee86
SSDEEP

1536:Ny2cle/n3kx8Ju8YVp0f3UDsej4kqt0oVFObQA7La7hPnam:PRneYvY63UDs4DqK/7La7hz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
354482fd41b1f46d8229a1d24b9e8318_JaffaCakes118

Files

354482fd41b1f46d8229a1d24b9e8318_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f786cc0f9dd3cfaf4eb223a37973e05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Read
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_Replace
ImageList_DragLeave
ImageList_GetIcon
ImageList_Draw
ImageList_LoadImage
InitCommonControls
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Remove
ImageList_LoadImageW
ImageList_DragMove
ImageList_EndDrag
ImageList_LoadImageA
ImageList_ReplaceIcon

gdi32

DeleteDC
AddFontResourceExA
CloseFigure
SetTextColor
GetBitmapBits
GetBrushOrgEx
GetPixel
GetCurrentPositionEx
AddFontResourceA
AddFontResourceExW
GetPixel
AddFontMemResourceEx
GetClipBox
AddFontResourceTracking
ClearBitmapAttributes
AddFontResourceW
ExtTextOutA
DeleteObject
BitBlt
CopyMetaFileA

user32

CreateIcon
BlockInput
CopyIcon
GetMenu
DrawIcon
InsertMenuA
AlignRects
LoadMenuA
EndDialog
GetWindowTextA
GetDlgItem
AppendMenuW
CloseWindow
GetDC
CopyImage
DrawIconEx
AppendMenuA
DialogBoxParamW
DrawTextW
GetCursor

kernel32

CopyFileExW
ReadFile
CopyFileW
GetStdHandle
FindFirstFileA
FindAtomA
GetConsoleMode
CreateProcessA
CreateThread
DeleteFileA
CopyFileExA
Sleep
GetLastError
GetCommandLineA
DeleteAtom
GetCPInfo
CreateDirectoryA
GetComputerNameA
WriteFile
SetLastError
CopyFileA

advapi32

RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExA
RegQueryValueExA
RegQueryValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegReplaceKeyW
RegDeleteValueA
RegReplaceKeyA
RegDeleteKeyW
RegEnumValueW
RegLoadKeyA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyW
RegQueryValueA
RegEnumKeyW
RegQueryValueExW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f786cc0f9dd3cfaf4eb223a37973e05

Headers

File Characteristics

Imports

comctl32

gdi32

user32

kernel32

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 62KB - Virtual size: 115KB

.reloc Size: - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 62KB - Virtual size: 115KB

.reloc
Size: - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB