6121cee886bad0c9433d81dad5077a27_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6121cee886bad0c9433d81dad5077a27_JaffaCakes118
Size

1.3MB
MD5

6121cee886bad0c9433d81dad5077a27
SHA1

f24b789c3bda0c511a54f6a60b42be4f4bcf3f7f
SHA256

bc6fc0c28c67aacd41cb4a9bc605b359aa9c3e10e4f992f848d680207e4e9c52
SHA512

55f45c48cfa61ac355599cbcf36cabb5f0a1acdaec23eaf12d34facfa2b576071e60914ae1dc3c0f1252401aac804ab3739caaecba4e96f384ab34119196753d
SSDEEP

24576:BDTMtaFVF1D31wM9kKaztDxFwCT9Z6Lpk/cUQbdG:BDTMtaFV1wM+wCTXe0KG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6121cee886bad0c9433d81dad5077a27_JaffaCakes118

Files

6121cee886bad0c9433d81dad5077a27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9bd315ad460d1803658e69fc98ba50b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegDeleteKeyW
RegDeleteValueW
RegQueryValueA
RegFlushKey
RegEnumKeyExW
RegLoadKeyW
RegEnumValueW
RegCreateKeyW
RegOpenKeyExW
RegQueryInfoKeyA
RegQueryValueA
RegEnumKeyW
RegDeleteValueW
RegReplaceKeyA
RegEnumKeyExA
RegCreateKeyExW
RegEnumValueA
RegOpenKeyExA
RegFlushKey
RegCreateKeyExA
RegOpenKeyExW
RegEnumKeyA
RegEnumValueA
RegEnumKeyW
RegGetKeySecurity
RegQueryValueExW
RegReplaceKeyW
RegLoadKeyW
RegDeleteKeyA
RegQueryInfoKeyA
RegQueryValueW

user32

DialogBoxParamW
CreateIcon
GetFocus
DrawIcon
IsMenu
CalcMenuBar
IsWindow
GetDC
GetWindowTextA
GetDlgItem
DrawTextA
AppendMenuW
IsWindow
LoadCursorA
LoadMenuA
CopyImage
CalcMenuBar
DrawIcon
GetMenu
GetWindowTextLengthA
CalcMenuBar
InsertMenuA
GetCursor
DrawTextW
GetFocus
CopyImage
CreateIcon
IsWindow
CloseWindow

kernel32

ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1.2MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ctls
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.emdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bd315ad460d1803658e69fc98ba50b9

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 43KB - Virtual size: 43KB

.DATA Size: 10KB - Virtual size: 10KB

.init Size: 2KB - Virtual size: 2KB

.edata Size: 11KB - Virtual size: 10KB

.bss Size: 1.2MB - Virtual size: 5.4MB

.idata Size: 3KB - Virtual size: 3KB

.ctls Size: 512B - Virtual size: 115B

.rdata Size: 1KB - Virtual size: 1KB

.emdata Size: 33KB - Virtual size: 32KB

.text
Size: 43KB - Virtual size: 43KB

.DATA
Size: 10KB - Virtual size: 10KB

.init
Size: 2KB - Virtual size: 2KB

.edata
Size: 11KB - Virtual size: 10KB

.bss
Size: 1.2MB - Virtual size: 5.4MB

.idata
Size: 3KB - Virtual size: 3KB

.ctls
Size: 512B - Virtual size: 115B

.rdata
Size: 1KB - Virtual size: 1KB

.emdata
Size: 33KB - Virtual size: 32KB