634dae0dfd5fbf040e8d0be56f9994de_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

634dae0dfd5fbf040e8d0be56f9994de_JaffaCakes118
Size

111KB
MD5

634dae0dfd5fbf040e8d0be56f9994de
SHA1

9e53138824b583e07ce123cc4e8ba1fd104d4f6c
SHA256

f66243337d8efc61308581125387c284de5e27d8891be095453fdd96be8fb1a6
SHA512

af1aa8ec852d248edcd083acda76f99e842486bf891798a3dc9d75c0b9bbb3f510d77d87e3b46efbb251abb2bcf4e1a828d9be84f39e910363891a4a8f75c4e1
SSDEEP

1536:3APOdVLYRl4r8HyGvtCYkFLX/+6h88lV95wckd9PdfcTk:wGVLi9HyGvwnFTVt15IPPdfc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
634dae0dfd5fbf040e8d0be56f9994de_JaffaCakes118

Files

634dae0dfd5fbf040e8d0be56f9994de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45678d5b55c6fb0724f9f4b02631d69b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegEnumKeyA
RegOpenKeyW
RegGetKeySecurity
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExW
RegDeleteValueW
RegReplaceKeyA
RegEnumValueW
RegFlushKey
RegQueryInfoKeyA
RegQueryValueW
RegEnumKeyW
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueA
RegDeleteValueA
RegQueryInfoKeyW

kernel32

CopyFileA
GetCPInfo
GetStdHandle
FindAtomA
CopyFileW
ReadConsoleA
CreateThread
OpenFile
WriteFile
DeleteAtom
GetFileSize
ExitThread
CreateDirectoryA
GetConsoleMode
Sleep
GetComputerNameA

user32

GetWindowTextLengthA
DrawTextA
CreateIcon
GetWindowTextA
CloseWindow
IsWindow
DialogBoxParamW
GetDlgItem
GetCursor
IsMenu
CopyImage

comctl32

ImageList_GetDragImage
ImageList_AddIcon
ImageList_DrawEx
InitCommonControls
ImageList_Read
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_Copy
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_Copy
ImageList_DragMove
ImageList_Read
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_DragEnter
ImageList_EndDrag
ImageList_DrawEx
ImageList_LoadImage
InitCommonControls
ImageList_GetDragImage
ImageList_DrawIndirect
ImageList_GetIcon
ImageList_Merge
ImageList_Remove
ImageList_LoadImageA

gdi32

GetPixel
RestoreDC
AbortPath
GetCurrentPositionEx
AddFontResourceExA
ClearBrushAttributes
SetTextColor
ClearBitmapAttributes
GetBrushOrgEx
GetPixel
AddFontResourceExA
AddFontResourceW
ClearBrushAttributes
CopyMetaFileA
AddFontMemResourceEx
CancelDC
AddFontResourceExW
CloseFigure
DeleteObject
GetClipBox
BeginPath

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 206B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45678d5b55c6fb0724f9f4b02631d69b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

comctl32

gdi32

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 81KB - Virtual size: 80KB

.bbs Size: - Virtual size: 60KB

.idata Size: 3KB - Virtual size: 2KB

.tls Size: - Virtual size: 206B

.rdata Size: 512B - Virtual size: 190B

.rsrc Size: 1024B - Virtual size: 516B

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 81KB - Virtual size: 80KB

.bbs
Size: - Virtual size: 60KB

.idata
Size: 3KB - Virtual size: 2KB

.tls
Size: - Virtual size: 206B

.rdata
Size: 512B - Virtual size: 190B

.rsrc
Size: 1024B - Virtual size: 516B