35c3fbb58d64c0a6e7024bed53275408_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35c3fbb58d64c0a6e7024bed53275408_JaffaCakes118
Size

112KB
MD5

35c3fbb58d64c0a6e7024bed53275408
SHA1

7387e1583a06d533eaffd2ca90e679328a6ad5af
SHA256

34b82e3906cb1539f3a36a585798e505bda346814cd9ef986993d7714c630546
SHA512

e70307534300e6493bf618ac23c07713e0f1b9af47740583b37ca2baf4f33994f2911a03903a8edc38aaf2cd885d076fabbfbe0a418d489f4168611b52247c61
SSDEEP

1536:NqaaWEF5h22uPp40NHPgMC3h5fsadbEKPBOpBIHx14:QVWECa0NHhC3f0UYmB6B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35c3fbb58d64c0a6e7024bed53275408_JaffaCakes118

Files

35c3fbb58d64c0a6e7024bed53275408_JaffaCakes118
.exe windows:4 windows x86 arch:x86

331d9f188058db17c6f6626ef2c1d1df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegQueryValueExW
RegEnumValueA
RegEnumKeyExA
RegReplaceKeyA
RegLoadKeyW
RegCreateKeyExA
RegQueryValueExA
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegGetKeySecurity
RegQueryValueW
RegCreateKeyW
RegReplaceKeyW
RegEnumKeyW
RegOpenKeyExW
RegFlushKey

user32

GetWindowTextLengthA
EndDialog
CopyIcon
DialogBoxParamA
CopyRect
AppendMenuW
LoadMenuA
LoadCursorA
AppendMenuA
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDC
IsMenu
GetDlgItem
GetCursor
DrawIcon
DialogBoxParamW
DialogBoxParamA
CreateIcon
EndDialog
CopyImage
InsertMenuA
DrawTextA
CopyIcon
CalcMenuBar
CopyRect
GetMenu
CloseWindow
GetFocus
IsWindow
DrawTextW
AlignRects
CopyIcon
CreateIcon
GetDC
GetWindowTextA
DialogBoxParamA
GetCursor
GetWindowTextLengthA
DrawIconEx
EndDialog
LoadMenuA
BlockInput
IsMenu
GetDlgItem
AlignRects
CopyImage
GetMenu
GetWindowTextA
DrawIconEx
GetFocus
EndDialog
AppendMenuW
DrawTextA
GetDC
AppendMenuA
IsWindow
CreateIcon
DialogBoxParamA
DialogBoxParamW
LoadCursorA
DrawTextW

kernel32

ReadConsoleA
FindAtomA
ReadFile
GetFileTime
DeleteAtom
GetComputerNameA
CopyFileExW
CopyFileA
SetLastError
OpenFile
FindFirstFileA
DeleteFileW
WriteFile
GetLastError
OpenFileMappingA
CreateProcessA
GetCPInfo
GlobalFree
GetLastError
DeleteFileW
FindFirstFileA
CreateThread
CreateDirectoryA
ReadFile
FindAtomA
GetCPInfo
Sleep
CopyFileExW
ReadConsoleA
SetLastError
GetConsoleMode
OpenFile
FindFirstFileA
FindAtomA
ExitThread
DeleteAtom
GetLastError
ReadFile
GlobalFree
GetCPInfo
CreateDirectoryA
DeleteFileW
GetFileTime
GetCommandLineA
SetLastError
GetComputerNameA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

331d9f188058db17c6f6626ef2c1d1df

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 68KB - Virtual size: 66KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 6KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 41KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 68KB - Virtual size: 66KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 6KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 41KB