3e7c4a1a5bb3a0454c2a8e0a4e22a146_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3e7c4a1a5bb3a0454c2a8e0a4e22a146_JaffaCakes118
Size

84KB
MD5

3e7c4a1a5bb3a0454c2a8e0a4e22a146
SHA1

1acb5901449b4d1bf6122a3a74581cef808ac992
SHA256

f0a7ed312b4159c513b3f2501fc90ff751cc035f92ed1bcf31a26d9f0ec3cc73
SHA512

0465cd6617ea901aad1eb155c0b44dd69a5510d0a09de018d83e24ad2c3e30ebd011ceb7854bd61ca53964e1049bea3e1de67b8f718b44566e72720dee4f6009
SSDEEP

768:AGViBrmBErHN6m5XdtV4r1BWH64Wvt4cBkDeE9JEvFROQdGjftc/SFrxvq9NMFys:QAErtZ4RBWgvt4HeGrfFlaVvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e7c4a1a5bb3a0454c2a8e0a4e22a146_JaffaCakes118

Files

3e7c4a1a5bb3a0454c2a8e0a4e22a146_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c23e990178b1c0113d95e211edafc5a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
SetLastError
DeleteFileW
GetCommandLineA
GetFileSize
WriteFile
DeleteFileA
ReadConsoleA
CreateDirectoryA
GetLastError
CopyFileExA
GetComputerNameA
GetCPInfo
GetConsoleMode
CopyFileW
GetFileTime
OpenFile
CreateProcessA
GetStdHandle

user32

GetWindowTextA
CopyIcon
InsertMenuA
CreateIcon
DrawIconEx
CopyRect
AppendMenuA
DrawIcon
GetDC
GetMenu
GetWindowTextLengthA
AppendMenuW
BlockInput
GetFocus
CloseWindow
CopyImage

comctl32

ImageList_Create
ImageList_DragMove
ImageList_DrawIndirect
InitCommonControls
ImageList_AddIcon
ImageList_Copy
ImageList_DragShowNolock
ImageList_Read
ImageList_LoadImage
ImageList_LoadImageW
ImageList_DragLeave
ImageList_DrawEx
ImageList_DragEnter
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_AddMasked

gdi32

CancelDC
CreateSolidBrush
CopyMetaFileA
BitBlt
BeginPath
AddFontResourceW
AddFontResourceExA
AddFontMemResourceEx
GetPixel
ExtTextOutA
AddFontResourceA
RestoreDC
AbortPath
ExcludeClipRect
GetDCOrgEx
AddFontResourceExW
GetClipBox
DeleteObject
GetPixel

advapi32

RegLoadKeyA
RegLoadKeyW
RegQueryValueExA
RegQueryValueW
RegReplaceKeyA
RegCreateKeyExA
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueA
RegEnumValueW
RegEnumKeyA
RegOpenKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegGetKeySecurity
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegFlushKey

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 64KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 969B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c23e990178b1c0113d95e211edafc5a1

Headers

File Characteristics

Imports

kernel32

user32

comctl32

gdi32

advapi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 190KB

.reloc Size: - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 969B

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 190KB

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 969B