48ad669ecb070cf170c6b96db76ded6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

48ad669ecb070cf170c6b96db76ded6f_JaffaCakes118
Size

2.1MB
MD5

48ad669ecb070cf170c6b96db76ded6f
SHA1

afe166b66284689187b013a99ba116d7f582c70d
SHA256

0839c2402aed575dcc42581e1c875f16f5a9479f9822817b2ee109e18d785dc4
SHA512

78daff6ae022b7ee4f7e596b7f6e32ffeeb59b8b3e38090b7005da36997e56ba70ba990d1331b470d598970223cfd7183b110b18e71fa0afd348a9d3791b5668
SSDEEP

24576:Vvm/w3D8381g3xXC+e7MF4AMoO2z0dJkduSbX/fF:s43A3tS+e79Axz0dJvSbvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48ad669ecb070cf170c6b96db76ded6f_JaffaCakes118

Files

48ad669ecb070cf170c6b96db76ded6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

440155432fadf8fd01236fc239dd21f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_DrawIndirect
ImageList_GetImageRect
ImageList_Destroy
ImageList_GetDragImage
ImageList_Copy
ImageList_BeginDrag
ImageList_Remove
ImageList_Create
ImageList_Draw
ImageList_Merge
ImageList_GetIcon
ImageList_AddIcon
ImageList_DrawEx
ImageList_Read

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyW
RegDeleteValueA
RegOpenKeyA
RegOpenKeyExW
RegQueryValueW
RegGetKeySecurity
RegOpenKeyW
RegLoadKeyA
RegCreateKeyExW
RegLoadKeyW
RegEnumValueW
RegReplaceKeyA
RegEnumKeyA
RegFlushKey
RegCreateKeyW
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyW
RegReplaceKeyW
RegGetKeySecurity
RegOpenKeyA
RegQueryInfoKeyW
RegQueryValueExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyA
RegLoadKeyA
RegReplaceKeyA
RegOpenKeyW
RegFlushKey
RegLoadKeyW
RegFlushKey
RegEnumValueA
RegOpenKeyA
RegReplaceKeyW
RegCreateKeyExW
RegQueryInfoKeyA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueW
RegLoadKeyA
RegEnumKeyExA
RegEnumValueW
RegQueryValueA

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

440155432fadf8fd01236fc239dd21f0

Headers

File Characteristics

Imports

comctl32

advapi32

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 8KB - Virtual size: 4KB

.edata Size: 4KB - Virtual size: 2KB

.data Size: 1.9MB - Virtual size: 5.3MB

.tls Size: 4KB - Virtual size: 222B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 8KB - Virtual size: 4KB

.edata
Size: 4KB - Virtual size: 2KB

.data
Size: 1.9MB - Virtual size: 5.3MB

.tls
Size: 4KB - Virtual size: 222B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 11KB