458dba21e51036e77cfd6d463c86d912_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

458dba21e51036e77cfd6d463c86d912_JaffaCakes118
Size

2.0MB
MD5

458dba21e51036e77cfd6d463c86d912
SHA1

a524032bc902ef635ef1b4782e9b0d41f468c76b
SHA256

960ff57bd6b0b8726416291e26d4bfcdbabd7b2ff9942518cacf85f6ba30edfe
SHA512

c562bdcc16bef5126a9fb4bac0d278b2c5d66762869e46b62aabc245818c84e4e82c898f8a1b362743b30bb4a76d19ab693a861dc172ab39fc218381243119ba
SSDEEP

24576:N6yvES1FxBZHETOqlEat8Q9ij9HFnLPvjrp0bh40qTczIQOg4ZmeQ5E+:N7t2Oqn9i5FzvjrGtaTeB4/O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
458dba21e51036e77cfd6d463c86d912_JaffaCakes118

Files

458dba21e51036e77cfd6d463c86d912_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d836100a4311437e9b1b31d6abfc2d7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
ReadFile
CopyFileW
GetStdHandle
GetFileSize
CopyFileA
WriteFile
CreateThread
GetComputerNameA
DeleteFileW
CopyFileExW
OpenFileMappingA
ReadConsoleW
CreateDirectoryA
FindAtomA
GlobalFree
CopyFileExA
GetFileTime
ExitThread
FindFirstFileA
SetLastError
OpenFile
GetCommandLineA

comctl32

ImageList_LoadImage
ImageList_Merge
ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_Remove
ImageList_GetImageRect
ImageList_Destroy
ImageList_BeginDrag
ImageList_DrawIndirect
ImageList_LoadImageW
ImageList_GetDragImage
ImageList_EndDrag
InitCommonControls
ImageList_AddIcon
ImageList_Replace
ImageList_AddMasked
ImageList_Read
ImageList_LoadImageA

advapi32

RegEnumKeyA
RegQueryValueExW
RegOpenKeyW
RegQueryValueExA
RegQueryValueA
RegReplaceKeyA
RegReplaceKeyW
RegGetKeySecurity
RegCreateKeyExW
RegDeleteValueA
RegFlushKey
RegQueryValueW
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueW
RegCreateKeyW
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyA
RegLoadKeyA
RegDeleteKeyW
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegOpenKeyExW
RegLoadKeyW
RegEnumValueA
RegFlushKey
RegGetKeySecurity
RegCreateKeyW
RegEnumKeyExW
RegEnumKeyA
RegQueryValueA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExW
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyW
RegOpenKeyExA
RegQueryValueW
RegEnumKeyW
RegLoadKeyW
RegCreateKeyExA
RegEnumKeyExW
RegOpenKeyA
RegCreateKeyExW
RegReplaceKeyA
RegFlushKey
RegQueryValueExW
RegReplaceKeyW
RegEnumValueW
RegDeleteKeyW
RegGetKeySecurity

user32

LoadMenuA
LoadCursorA
DialogBoxParamW
GetDlgItem
CopyRect
IsWindow
AppendMenuW
DrawIcon
DrawTextA
AlignRects
CopyIcon
CopyImage
DrawIconEx
IsMenu
GetWindowTextLengthA
GetMenu
DrawTextW
CloseWindow
GetCursor
GetDC

Sections

CODE
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.XEsLLU
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wBlTMC
Size: 4KB - Virtual size: 739B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 1.7MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JqztCH
Size: 4KB - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iGajhG
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nbuyPB
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kEBliF
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d836100a4311437e9b1b31d6abfc2d7e

Headers

File Characteristics

Imports

kernel32

comctl32

advapi32

user32

Sections

CODE Size: 260KB - Virtual size: 259KB

.XEsLLU Size: 8KB - Virtual size: 4KB

.wBlTMC Size: 4KB - Virtual size: 739B

.ndata Size: 1.7MB - Virtual size: 5.0MB

.JqztCH Size: 4KB - Virtual size: 93B

.iGajhG Size: 4KB - Virtual size: 24B

.nbuyPB Size: 8KB - Virtual size: 4KB

.kEBliF Size: 8KB - Virtual size: 4KB

CODE
Size: 260KB - Virtual size: 259KB

.XEsLLU
Size: 8KB - Virtual size: 4KB

.wBlTMC
Size: 4KB - Virtual size: 739B

.ndata
Size: 1.7MB - Virtual size: 5.0MB

.JqztCH
Size: 4KB - Virtual size: 93B

.iGajhG
Size: 4KB - Virtual size: 24B

.nbuyPB
Size: 8KB - Virtual size: 4KB

.kEBliF
Size: 8KB - Virtual size: 4KB