410c7cba6ba3051fe1adde3f697d2693_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

410c7cba6ba3051fe1adde3f697d2693_JaffaCakes118
Size

92KB
MD5

410c7cba6ba3051fe1adde3f697d2693
SHA1

3fa60bb586d8378f813b92cb54bbe58835a07616
SHA256

e9b7eb8bad5d37b2be694c9be0fc8747485f67ebc3a70aa564e9f0c9cd838b2b
SHA512

5596c3b165a9d269f39e5ed0f833321444ad9ac964c5e6e2bf2f841c571f73e5f109ce6375f69598c8a23ce652ea82cd5e78722d830fb665aceb280afcdf03dd
SSDEEP

1536:pDKvFOLwc66mYi0/JqWitkUY47TTo/z/3av2CZ68ZAliIfOT:pDUlVhYNAza4/TmfRVEA4V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
410c7cba6ba3051fe1adde3f697d2693_JaffaCakes118

Files

410c7cba6ba3051fe1adde3f697d2693_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cbcc09bf41d999ea46584b3b911aff2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateSolidBrush
AddFontResourceW
BitBlt
RestoreDC
AddFontResourceTracking
AbortPath
DeleteDC
SetTextColor
CloseFigure
ExtTextOutA
GetDCOrgEx
GetBrushOrgEx
GetPixel
AddFontResourceA
GetClipBox
AddFontMemResourceEx
AddFontResourceExW
ExcludeClipRect

user32

DrawIconEx
LoadMenuA
GetWindowTextLengthA
DrawTextA
IsMenu
InsertMenuA
BlockInput
DrawIcon
CreateIcon
DrawTextW
CopyRect
GetFocus
AlignRects
IsWindow
DialogBoxParamA
GetCursor
GetMenu

advapi32

RegLoadKeyA
RegEnumKeyA
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyA
RegReplaceKeyA
RegOpenKeyExA
RegGetKeySecurity
RegQueryValueExW
RegReplaceKeyW
RegQueryInfoKeyA
RegCreateKeyExW
RegCreateKeyW
RegFlushKey
RegLoadKeyW
RegQueryInfoKeyW
RegEnumKeyW
RegEnumKeyExA

kernel32

CopyFileExA
GetCommandLineA
SetLastError
Sleep
GetLastError
CreateThread
CopyFileA
GetConsoleMode
DeleteFileA
GetCPInfo
DeleteFileW
ReadConsoleW
FindAtomA
WriteFile
GlobalFree
GetFileSize
CreateDirectoryA
CopyFileExW
OpenFile

comctl32

ImageList_DrawEx
ImageList_Read
ImageList_Copy
ImageList_Replace
ImageList_Destroy
ImageList_DrawIndirect
ImageList_DragMove
ImageList_DragLeave
ImageList_Remove
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_AddIcon
ImageList_AddMasked
InitCommonControls
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_BeginDrag

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 60KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cbcc09bf41d999ea46584b3b911aff2

Headers

File Characteristics

Imports

gdi32

user32

advapi32

kernel32

comctl32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 60KB - Virtual size: 176KB

.reloc Size: - Virtual size: 1KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 60KB - Virtual size: 176KB

.reloc
Size: - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 16KB