38bc957801a8a8890803e44c8e5e66c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38bc957801a8a8890803e44c8e5e66c0_JaffaCakes118
Size

59KB
MD5

38bc957801a8a8890803e44c8e5e66c0
SHA1

b4bcc4f310e1e6f1c1b619038c3507586a071175
SHA256

17fe135445789470cd288c26e763cb0290aea4dfd1a56856dedfeafeb7a3f41d
SHA512

bbd03297d195b1a5a0b59db6dbb89c7c64456008895fdf34a76d2fa05b1d244f0341e3437343f3df357581440d734f06bdfdd5eb9cb8f371517dd227a96c7e4b
SSDEEP

1536:AXMMMbR1Zkey9ARTWgxaXHKU8Ji5yzfLhQL7XiFLCu2GU4mEYU:AXMMM1v3PRZ4XP+SKl6GFL92FU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38bc957801a8a8890803e44c8e5e66c0_JaffaCakes118

Files

38bc957801a8a8890803e44c8e5e66c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25d4a444137a9229bf42ff5c19193198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
WriteFile
CopyFileA
ReadConsoleA
DeleteFileW
DeleteFileA
CopyFileW
CopyFileExW
CopyFileExA
GetFileTime
GetFileSize
CreateThread
CreateProcessA
GetLastError
GetCommandLineA
OpenFileMappingA
ReadFile
GetComputerNameA
DeleteAtom
SetLastError
CreateDirectoryA
OpenFile
FindFirstFileA
FindAtomA

advapi32

RegOpenKeyA
RegReplaceKeyA
RegQueryValueW
RegDeleteKeyA
RegEnumKeyExW
RegReplaceKeyW
RegOpenKeyExA
RegEnumValueW
RegCreateKeyW
RegQueryValueA
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyExW
RegLoadKeyW
RegDeleteKeyW
RegEnumKeyA
RegFlushKey
RegGetKeySecurity
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExA
RegEnumKeyW
RegDeleteValueA
RegLoadKeyA

gdi32

CloseMetaFile
ExcludeClipRect
AddFontResourceW
CloseFigure
DeleteObject
SetTextColor
GetBitmapBits
AddFontResourceExW
DeleteDC
CancelDC
CreateSolidBrush
BeginPath
ClearBitmapAttributes
GetBrushOrgEx
ClearBrushAttributes
AddFontMemResourceEx
AddFontResourceA

user32

DialogBoxParamA
InsertMenuA
BlockInput
DrawIconEx
IsMenu
GetWindowTextA
AppendMenuA
CopyImage
CopyIcon
IsWindow
DrawTextW
AlignRects
GetCursor
AppendMenuW
EndDialog
LoadCursorA
CloseWindow
GetFocus

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_GetImageInfo
ImageList_DragMove
ImageList_DragEnter
ImageList_GetIcon
ImageList_Draw
ImageList_EndDrag
ImageList_LoadImageW
ImageList_AddIcon
ImageList_GetIconSize
ImageList_LoadImage
ImageList_DrawEx
ImageList_DragLeave
ImageList_Create
ImageList_Merge
ImageList_Replace

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 287B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 453B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25d4a444137a9229bf42ff5c19193198

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 149KB

.rsrc Size: 512B - Virtual size: 287B

.reloc Size: - Virtual size: 453B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 149KB

.rsrc
Size: 512B - Virtual size: 287B

.reloc
Size: - Virtual size: 453B