76814a356c754b217b024e3772e9b268_JaffaCakes118

General

Target

76814a356c754b217b024e3772e9b268_JaffaCakes118
Size

80KB
MD5

76814a356c754b217b024e3772e9b268
SHA1

345a346e0ca5bbbd3979513209e05ead649420f2
SHA256

dbbdea1b5c5d43d158a9cad4721469cbf506979bd295b44fa5d100a56c1b4bcc
SHA512

eed09c82269f07cb461dddd4c1abd3633836f4b1edf6c9f218056c1f0a6e20afd6a0d0568a3b7339a2f09bb18906c58ba8c90e35672fcbcd8383200fbc3d2405
SSDEEP

1536:KWNkazlYel3DX9MfbOJBmGDehK21+YWhZBrpg+:KjaqS3DtMzcW+YA1g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76814a356c754b217b024e3772e9b268_JaffaCakes118

Files

76814a356c754b217b024e3772e9b268_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bc4d62b4023ea7c80f270665064b571

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DragLeave
ImageList_DrawIndirect
ImageList_Destroy
ImageList_EndDrag
ImageList_LoadImageW
ImageList_Replace
ImageList_LoadImageA
ImageList_DragEnter
ImageList_DrawEx
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_AddIcon
ImageList_Remove
ImageList_GetDragImage
ImageList_Merge
ImageList_Draw
InitCommonControls
ImageList_LoadImage
ImageList_Copy

user32

CopyIcon
GetWindowTextA
IsMenu
GetDlgItem
BlockInput
InsertMenuA
CreateIcon
GetWindowTextLengthA
CloseWindow
GetMenu
DrawIcon
CalcMenuBar
DrawTextW
GetFocus
DialogBoxParamA
LoadMenuA

kernel32

lstrcmpiA
FreeLibrary
HeapFree
GetStdHandle
lstrcatA
GetFileSize
GetModuleHandleA
SetLastError
CloseHandle
GlobalFree
GetLastError
GetStringTypeA
GetCPInfo
GetCommandLineA
GetModuleFileNameA
GetFileAttributesA

advapi32

RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegLoadKeyA
RegFlushKey
RegOpenKeyExW
RegReplaceKeyA
RegEnumValueA
RegQueryValueW
RegCreateKeyExA
RegQueryValueExW
RegEnumValueW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ldata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bc4d62b4023ea7c80f270665064b571

Headers

File Characteristics

Imports

comctl32

user32

kernel32

advapi32

Sections

.text Size: 4KB - Virtual size: 3KB

.ldata Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 81KB

.res Size: 4KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 3KB

.ldata
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 81KB

.res
Size: 4KB - Virtual size: 2KB