440e83818911938d8b4e96cd9d9e018d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

440e83818911938d8b4e96cd9d9e018d_JaffaCakes118
Size

72KB
MD5

440e83818911938d8b4e96cd9d9e018d
SHA1

72a80c5e32916f466e938d9054b5cca665c40370
SHA256

3a55df350c25b2526b09c9ce982cf203edd826729ced5b9c60cfbf0727b43775
SHA512

a678ee21061a27c02eecaec0f13df2ea798e0765c1b5b1c0704c833204cc3317eefce35d021f75cd8cb98d7fc5c8a2752bea3ddc2ea2ceb22881a426cc321ac6
SSDEEP

1536:/2smFs/8abxWMXfUoRAGzOMp0VtwZLQ3vJH:mGNHRAGb0wZLQ3vV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
440e83818911938d8b4e96cd9d9e018d_JaffaCakes118

Files

440e83818911938d8b4e96cd9d9e018d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

609a7c80d0cdaa27b7cf9a8a8ba800a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
DeleteFileW
ExitThread
GetLastError
ReadFile
DeleteAtom
CreateDirectoryA
GetCommandLineA
GetCPInfo
Sleep
GetFileTime
DeleteFileA
SetLastError
CopyFileA
OpenFileMappingA
OpenFile
CopyFileW
GetComputerNameA
WriteFile
FindAtomA

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegLoadKeyA
RegQueryValueA
RegEnumKeyA
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumValueW
RegDeleteValueA
RegQueryValueW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegOpenKeyExA
RegEnumKeyExW
RegLoadKeyW
RegFlushKey
RegQueryInfoKeyA

gdi32

AddFontMemResourceEx
CreateSolidBrush
GetPixel
GetPixel
ExcludeClipRect
CloseMetaFile
ClearBrushAttributes
CloseFigure
SetTextColor
AddFontResourceExW
GetBrushOrgEx
RestoreDC
CopyMetaFileA
DeleteObject
ClearBitmapAttributes
AddFontResourceExA
CancelDC
AbortPath
GetClipBox
BitBlt
AddFontResourceTracking

user32

GetDlgItem
EndDialog
CopyRect
GetCursor
DrawIconEx
GetWindowTextLengthA
GetDC
AlignRects
InsertMenuA
LoadCursorA
DialogBoxParamW
DialogBoxParamA
CopyIcon
AppendMenuW
GetMenu
CreateIcon
DrawTextA
CloseWindow
DrawTextW

comctl32

ImageList_Merge
ImageList_GetImageRect
ImageList_LoadImageA
ImageList_GetDragImage
ImageList_DragLeave
ImageList_LoadImage
ImageList_GetImageCount
ImageList_Destroy
ImageList_Read
ImageList_AddIcon
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetIcon
InitCommonControls
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_DrawIndirect
ImageList_DragMove
ImageList_LoadImageW
ImageList_Copy
ImageList_Draw

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

609a7c80d0cdaa27b7cf9a8a8ba800a3

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 62KB - Virtual size: 142KB

.reloc Size: - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 274B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 62KB - Virtual size: 142KB

.reloc
Size: - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 274B