63d9e214130bb336057e8668114ae6d8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63d9e214130bb336057e8668114ae6d8_JaffaCakes118
Size

112KB
MD5

63d9e214130bb336057e8668114ae6d8
SHA1

11f5efdce988dfd3d71e10c26696e9ef6f15abe2
SHA256

b0fd025fadf5d39c409b8695c800b7c43ee4d648f0ccd19de0d7e32903830994
SHA512

bec710cdbb20bf6c2d693567d2a15f17425758bf6f29847ff77c0214671397a7bee1cac1a8df78de510d8d5a5e422cd080c385a479bc60ce2c9f3f2910ca0d58
SSDEEP

1536:wEgmm9Hy41xUkrfOE9FS7ts1/nvG6fWZrR:rmo4126WcFS7o3N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63d9e214130bb336057e8668114ae6d8_JaffaCakes118

Files

63d9e214130bb336057e8668114ae6d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c45935998645f2b7f5d040042d3c47ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueA
RegReplaceKeyW
RegLoadKeyW
RegDeleteValueW
RegFlushKey
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExW
RegReplaceKeyA
RegEnumKeyA
RegQueryValueExA
RegEnumKeyW
RegGetKeySecurity
RegOpenKeyW
RegEnumKeyExW
RegLoadKeyA
RegCreateKeyExA

kernel32

OpenFileMappingA
ExitThread
CreateThread
OpenFile
CopyFileA
GlobalFree
CopyFileW
FindAtomA
ReadConsoleA
GetLastError
GetComputerNameA
CopyFileExW
ReadFile
CopyFileExA
DeleteFileA
DeleteAtom
ExitThread
OpenFileMappingA
SetLastError
FindFirstFileA
GetComputerNameA
CopyFileExW
CopyFileW
ReadFile
Sleep
FindAtomA
GetCommandLineA
CopyFileA
GetLastError
DeleteFileA
GetCPInfo
CreateProcessA
GetFileSize

comctl32

ImageList_DragMove
ImageList_Create
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_LoadImageW
ImageList_DrawEx
ImageList_GetDragImage
ImageList_GetImageRect
ImageList_GetImageCount
ImageList_ReplaceIcon
InitCommonControls
ImageList_DragLeave
ImageList_LoadImageW
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetDragImage
ImageList_BeginDrag
ImageList_DragLeave
ImageList_Read
ImageList_Destroy
ImageList_AddMasked
ImageList_Draw

gdi32

SetTextColor
CancelDC
DeleteDC
CloseFigure
ClearBrushAttributes
AddFontResourceA
AddFontMemResourceEx
CloseMetaFile
DeleteObject
GetPixel
ClearBitmapAttributes
GetDCOrgEx
BitBlt
GetBrushOrgEx
BeginPath
RestoreDC

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c45935998645f2b7f5d040042d3c47ea

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

gdi32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 68KB - Virtual size: 66KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 6KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 41KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 68KB - Virtual size: 66KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 6KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 41KB