3da001419034135ee4206728083821b8_JaffaCakes118

General

Target

3da001419034135ee4206728083821b8_JaffaCakes118
Size

44KB
MD5

3da001419034135ee4206728083821b8
SHA1

1d7751c68448aebfbe49f495ea4ebb3e7236a54e
SHA256

c4ba8cefb6d47ca904e245cf23e72c8dbe101b9ec1637fe3ca5b38cd9f3e842a
SHA512

630027b2322c64155f2b458fd63dccd4764f7f6eade3ddabc8212c2a4895f5681ceb62152cd10d38e23488fbb887b2e033d03469fa31ed97ee3d1ab9fa07a5f5
SSDEEP

768:WIrvmHwZ30VQdqgA3mILyCvyFBzIw5J8p4b:W0+HC30VQdbILh0P8p4b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3da001419034135ee4206728083821b8_JaffaCakes118

Files

3da001419034135ee4206728083821b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d903ea19f500cb01da2587cbcadf0e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetStringTypeW
Sleep
lstrcpynA
GetCommandLineA
GetStringTypeA
CloseHandle
lstrlenA
GetLastError
GetCPInfo
SetLastError
HeapAlloc
GetFileAttributesA
WideCharToMultiByte
lstrcpyA
GlobalAlloc
GetStdHandle
GetModuleHandleA
GetDateFormatA
GetModuleFileNameA

advapi32

RegOpenKeyExA
RegOpenKeyExW
RegReplaceKeyW
RegReplaceKeyA
RegCreateKeyExA
RegQueryInfoKeyA
RegOpenKeyW
RegLoadKeyW
RegFlushKey
RegQueryValueA
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExW
RegQueryValueExW
RegQueryValueW

comctl32

ImageList_Destroy
ImageList_DragMove
ImageList_EndDrag
ImageList_AddIcon
ImageList_GetIconSize
ImageList_Copy
ImageList_DragEnter
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_GetImageRect
ImageList_Create
ImageList_DragShowNolock
ImageList_Remove
InitCommonControls

user32

GetFocus
LoadCursorA
GetDlgItem
GetWindowTextLengthA
DrawTextW
DrawIcon
CopyIcon
CreateIcon
InsertMenuA
CloseWindow
CopyImage
AppendMenuA
DialogBoxParamA
IsMenu
DrawTextA
LoadMenuA
DialogBoxParamW
AppendMenuW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ydata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 502B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d903ea19f500cb01da2587cbcadf0e2

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

Sections

.text Size: 10KB - Virtual size: 9KB

.ydata Size: 25KB - Virtual size: 24KB

.hdata Size: 3KB - Virtual size: 6KB

.idata Size: 1024B - Virtual size: 1KB

.edata Size: 1024B - Virtual size: 502B

.text
Size: 10KB - Virtual size: 9KB

.ydata
Size: 25KB - Virtual size: 24KB

.hdata
Size: 3KB - Virtual size: 6KB

.idata
Size: 1024B - Virtual size: 1KB

.edata
Size: 1024B - Virtual size: 502B