45c32e6a0e1a96757b5546d4b82314d7_JaffaCakes118

General

Target

45c32e6a0e1a96757b5546d4b82314d7_JaffaCakes118
Size

87KB
MD5

45c32e6a0e1a96757b5546d4b82314d7
SHA1

80faaba379de325ec3488a2f2a2edf86a0a74519
SHA256

5c17d1542a755ff303b4e5d1da47435e0c38a5e60a4ac3ab7e5bf8cafcaf9ff8
SHA512

1468291656483d65585bf9c5e47d3829d088842aae7c4ef0446aee787ad6a7883730bf09859881b1d1f71142dde93eafb0136e485fb1027b453efb2fe4a53d9d
SSDEEP

1536:n7TGY4hAJPwzrePVXmV4Hvsi1XpuCKiuauTphkfyxTEbD+:sWJqemAsiLiiujXk6xAbq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45c32e6a0e1a96757b5546d4b82314d7_JaffaCakes118

Files

45c32e6a0e1a96757b5546d4b82314d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

184b0794762a402d5d53761e2d31eea4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
lstrcpynA
GlobalAlloc
lstrcpyA
GetStdHandle
CloseHandle
GetModuleFileNameA
GetLocalTime
FreeLibrary
GetFileSize
GetCPInfo
GetStringTypeW
GlobalFree
GetFileType
WideCharToMultiByte
GetLastError
GetCommandLineA
lstrcatA
DeleteFileA
lstrlenA

user32

DrawTextA
AlignRects
InsertMenuA
AppendMenuA
GetCursor
GetWindowTextLengthA
DialogBoxParamA
CalcMenuBar
DrawTextW
LoadCursorA
LoadMenuA
CopyImage
IsMenu
AppendMenuW
IsWindow
GetFocus
BlockInput
GetWindowTextA
GetWindowTextLengthA
IsWindow
IsMenu
AppendMenuA
CopyImage
DrawTextW
CalcMenuBar
GetMenu
CopyIcon
DialogBoxParamA
CopyRect
GetFocus
DialogBoxParamW
CreateIcon
CloseWindow
GetDlgItem
LoadCursorA
InsertMenuA
GetCursor

comctl32

ImageList_DrawEx
ImageList_DragEnter
ImageList_Merge
ImageList_GetImageRect
ImageList_Replace
ImageList_GetIcon
ImageList_AddMasked
ImageList_Draw
ImageList_Create
ImageList_Remove
ImageList_DragLeave
ImageList_LoadImage
ImageList_AddIcon
ImageList_GetImageCount
ImageList_DragMove
ImageList_DrawIndirect

advapi32

RegEnumKeyExA
RegDeleteKeyW
RegQueryValueA
RegOpenKeyA
RegQueryInfoKeyW
RegDeleteValueW
RegReplaceKeyA
RegEnumValueA
RegOpenKeyExW
RegEnumKeyW
RegGetKeySecurity
RegFlushKey
RegCreateKeyW
RegLoadKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryInfoKeyA
RegCreateKeyExA

Sections

.WBxj
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.fMMqVW
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YYpQl
Size: 2KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WpIE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

184b0794762a402d5d53761e2d31eea4

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.WBxj Size: 10KB - Virtual size: 10KB

.fMMqVW Size: 68KB - Virtual size: 67KB

.YYpQl Size: 2KB - Virtual size: 148KB

.WpIE Size: 3KB - Virtual size: 2KB

.WBxj
Size: 10KB - Virtual size: 10KB

.fMMqVW
Size: 68KB - Virtual size: 67KB

.YYpQl
Size: 2KB - Virtual size: 148KB

.WpIE
Size: 3KB - Virtual size: 2KB