651bcf3017b018a1138a8d6346d4287d_JaffaCakes118

General

Target

651bcf3017b018a1138a8d6346d4287d_JaffaCakes118
Size

235KB
MD5

651bcf3017b018a1138a8d6346d4287d
SHA1

cef6e1270e265f07f81fbd25376b81658363b213
SHA256

e02abcac28f98295b4273d3963e532b9715d0866ff7b019ef3a9c52dd92ff96e
SHA512

c94d4a15820099f9fa20f4fda2fa7b7caacb80371fcd7c142b5e6b99a685e1972b0a8e253388697601cc35b98076bdae2edb625a5874c2d0638e1c64a2cd1596
SSDEEP

3072:VbluYjiiYbT1+Z7N4vXjrqlEn81JBaZQosbiGj4y+9:u9k2j+p13doghjC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
651bcf3017b018a1138a8d6346d4287d_JaffaCakes118

Files

651bcf3017b018a1138a8d6346d4287d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

c5b55fd4efce2c527a207961fae6278a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

AppendMenuA
GetWindowTextLengthA
EndDialog
IsWindow
GetDlgItem
DrawTextA
GetScrollInfo
GetDC
BeginPaint
GetScrollPos
CopyIcon
DrawTextW
InsertMenuA
CopyImage
GetMenu
IsMenu
DrawIcon
GetWindowTextA
AlignRects
AppendMenuW
CopyRect

kernel32

FormatMessageA
CopyFileExA
lstrcatA
ExitProcess
DeleteFileW
lstrlenA
OpenFileMappingA
FindClose
ReadFile
GetLastError
GetCommandLineA
FlushFileBuffers
OpenFile
ExitThread
HeapFree
CompareStringA
GetCPInfo
GetPriorityClass
GetStdHandle
CopyFileA
DeleteFileA

advapi32

RegEnumKeyA
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExA
RegOpenKeyExW
RegLoadKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueW
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA
RegGetKeySecurity
RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyA
RegCreateKeyW
RegQueryInfoKeyA

Sections

.mdklj
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.clko
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bolf
Size: 160KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gplal
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hinho
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c5b55fd4efce2c527a207961fae6278a

Headers

File Characteristics

Imports

user32

kernel32

advapi32

Sections

.mdklj Size: 31KB - Virtual size: 30KB

.clko Size: 34KB - Virtual size: 33KB

.bolf Size: 160KB - Virtual size: 544KB

.gplal Size: 3KB - Virtual size: 2KB

.hinho Size: 6KB - Virtual size: 5KB

.mdklj
Size: 31KB - Virtual size: 30KB

.clko
Size: 34KB - Virtual size: 33KB

.bolf
Size: 160KB - Virtual size: 544KB

.gplal
Size: 3KB - Virtual size: 2KB

.hinho
Size: 6KB - Virtual size: 5KB