44e7302c7376a14693835fcfd069a13b_JaffaCakes118

General

Target

44e7302c7376a14693835fcfd069a13b_JaffaCakes118
Size

96KB
MD5

44e7302c7376a14693835fcfd069a13b
SHA1

b3901d2ca5b92d5614d5bf4c417fecef45a11e0f
SHA256

14e4fb64bf8902e4c1a4a84c87051cb779809511595a6fb04cf7fe098c08ab7b
SHA512

5b67ee1038a36bd42632d6097be4d770e7c8c84d91711ad346761ac849d2905ff693f4d7500d9bc137d7b2302595db5517c4f8b6beac07e2823b11563ed98668
SSDEEP

1536:MX1o34icugA9ad9s5NYpJbusMyTUU8Ugj0+V41/bgeULes8F:MX1OJJ9UaMJbuzyTUUQjN60D6s8F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44e7302c7376a14693835fcfd069a13b_JaffaCakes118

Files

44e7302c7376a14693835fcfd069a13b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d664f56533fbc91e7d65a2550d9d5983

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegEnumKeyW
RegQueryValueW
RegQueryInfoKeyW
RegLoadKeyW
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyW
RegQueryInfoKeyA
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegOpenKeyW
RegQueryValueExW
RegEnumValueA

user32

LoadMenuA
DrawTextA
CalcMenuBar
IsMenu
GetMenu
DrawIcon
DialogBoxParamA
GetFocus
InsertMenuA
AlignRects
DrawTextW
DrawIconEx
GetCursor
CopyRect
LoadCursorA
CopyImage
GetDC
GetDlgItem
CloseWindow
AppendMenuA

kernel32

FreeLibrary
GetFileAttributesA
GlobalAlloc
GetLocalTime
lstrlenA
WideCharToMultiByte
GetLastError
GetModuleFileNameA
HeapAlloc
lstrcpynA
HeapFree
lstrcatA
lstrcpyA
GetStringTypeA
GetFileType
GetStringTypeW
lstrcmpA
GetCommandLineA
CloseHandle
GetCPInfo

comctl32

ImageList_DragShowNolock
ImageList_Draw
ImageList_Remove
ImageList_AddIcon
ImageList_Merge
ImageList_Replace
ImageList_Create
ImageList_GetImageRect
ImageList_ReplaceIcon
ImageList_Read
ImageList_DrawEx
ImageList_GetIconSize
ImageList_DragLeave
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_BeginDrag

Sections

.CUFsgR
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kqzN
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DWAU
Size: 3KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pgSX
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xyZZ
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d664f56533fbc91e7d65a2550d9d5983

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

.CUFsgR Size: 15KB - Virtual size: 14KB

.kqzN Size: 72KB - Virtual size: 71KB

.DWAU Size: 3KB - Virtual size: 107KB

.pgSX Size: 1024B - Virtual size: 1KB

.xyZZ Size: 1024B - Virtual size: 2KB

.CUFsgR
Size: 15KB - Virtual size: 14KB

.kqzN
Size: 72KB - Virtual size: 71KB

.DWAU
Size: 3KB - Virtual size: 107KB

.pgSX
Size: 1024B - Virtual size: 1KB

.xyZZ
Size: 1024B - Virtual size: 2KB