5adb01d3881811d2a80100007f6617ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5adb01d3881811d2a80100007f6617ad_JaffaCakes118
Size

368KB
MD5

5adb01d3881811d2a80100007f6617ad
SHA1

792dd1ed66e684a139776a5011b728f82db20619
SHA256

5661b9dac010e4c85d0cb41a4bf31f06896c81d8d7348ca743e6deb19f115246
SHA512

1bf59f31abc41b62a15b5235efe6d592d13ba0f9318a0409da000b7a94401496045c6ea2cafe7b96e608af2ba688a138481c8eeab8c9d67574efc3aaa074cd69
SSDEEP

6144:cLwwv6dmYqd6tLrctW3F3kiTp6g54rpO1KSM0KVOpUrd3KrBR+m:Hs6t8tMVNm01BKwEaW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5adb01d3881811d2a80100007f6617ad_JaffaCakes118

Files

5adb01d3881811d2a80100007f6617ad_JaffaCakes118
.dll windows:4 windows x86 arch:x86

feb2f8de32d782301576315e83aeaa0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegGetKeySecurity
RegOpenKeyExA
RegLoadKeyA
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyW
RegEnumKeyExW
RegEnumValueA
RegReplaceKeyW
RegQueryValueExA
RegLoadKeyW
RegLoadKeyA
RegQueryInfoKeyA
RegCloseKey
RegReplaceKeyW
RegQueryValueExA
RegEnumKeyExW
RegCreateKeyW
RegReplaceKeyA
RegCreateKeyExA
RegOpenKeyA
RegQueryInfoKeyA
RegLoadKeyW
RegDeleteKeyW
RegDeleteValueA
RegQueryValueExA
RegGetKeySecurity
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA
RegCreateKeyExW
RegFlushKey
RegDeleteValueW
RegOpenKeyA
RegQueryInfoKeyW
RegEnumValueW

user32

DrawTextW
InsertMenuA
DrawIconEx
GetFocus
CopyImage
DialogBoxParamA
CreateIcon
GetDlgItem
GetMenu
GetWindowTextLengthA
BlockInput
CloseWindow
IsMenu
CreateIcon
LoadCursorA
DialogBoxParamA
DialogBoxParamW
DrawTextA
CopyRect
GetCursor
DrawTextW
DrawIcon
InsertMenuA
EndDialog
CloseWindow
CopyIcon
DrawIconEx
CreateIcon
GetWindowTextLengthA
AppendMenuW
GetDlgItem
CopyImage
GetCursor
CopyIcon
GetMenu
BlockInput
CalcMenuBar
LoadMenuA
DialogBoxParamW
GetFocus
DrawTextA
IsWindow
DrawTextA
GetMenu
CopyImage
IsMenu
EndDialog
BlockInput
IsWindow
DrawTextW
LoadMenuA
DialogBoxParamW
GetCursor
CopyRect
CloseWindow
GetWindow
CopyIcon
LoadCursorA

kernel32

GlobalFree
GetFileTime
CreateThread
ReadConsoleW
DeleteFileW
OpenFile
FindFirstFileA
CopyFileA
ReadFile
ReadConsoleA
GetCommandLineA
CreateProcessA
GetLastError
WriteFile
OpenFileMappingA
Sleep

comctl32

ImageList_Write
ImageList_DragMove
InitCommonControls
ImageList_BeginDrag
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_LoadImage
ImageList_Draw
ImageList_LoadImageW

Sections

DATA
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

feb2f8de32d782301576315e83aeaa0e

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

DATA Size: 10KB - Virtual size: 9KB

.rdata Size: - Virtual size: 1KB

.data Size: - Virtual size: 3KB

.INIT Size: 348KB - Virtual size: 348KB

.bbs Size: 4KB - Virtual size: 4KB

.edata Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 233KB

DATA
Size: 10KB - Virtual size: 9KB

.rdata
Size: - Virtual size: 1KB

.data
Size: - Virtual size: 3KB

.INIT
Size: 348KB - Virtual size: 348KB

.bbs
Size: 4KB - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 233KB