82867a4bf9d79fa870a3d4210664a8e5_JaffaCakes118

General

Target

82867a4bf9d79fa870a3d4210664a8e5_JaffaCakes118
Size

76KB
MD5

82867a4bf9d79fa870a3d4210664a8e5
SHA1

d90d6fb0b4fa99202be7440bb1de2a7c08c0ae98
SHA256

6aee600dafa92f41d7dd2fec5f213049e5b03e4f3daa6ecc70a76ce1c580fd14
SHA512

744e9676ee0dac7bc6a42575556d3394d6da5c4c903dfed1bd94b734b2a6a518c0d2a7bf491157979bf14deb29da69fcf1e08dfb3e730dfd27e5cf5400e039e3
SSDEEP

768:dbN0kfSibyYBlL/pb8NZ37zWJcVdS+xR4j6za/DZ1Be5YWvHgQ5vPptOniXGt/SI:48vh8bP2cV1x2j6QDZ1y35t9y/S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82867a4bf9d79fa870a3d4210664a8e5_JaffaCakes118

Files

82867a4bf9d79fa870a3d4210664a8e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1ea2413c97cbd033c85d5cc54a053d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamW
DrawTextA
InsertMenuA
IsWindow
AppendMenuW
DrawIconEx
LoadCursorA
CloseWindow
CopyIcon
GetWindowTextLengthA
GetWindowTextA
DrawTextW
IsMenu
CalcMenuBar
LoadMenuA
CreateIcon
CopyImage
GetFocus
AlignRects
EndDialog

advapi32

RegEnumValueA
RegEnumValueW
RegOpenKeyExW
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExW
RegReplaceKeyA
RegReplaceKeyW
RegDeleteKeyW
RegCreateKeyExA
RegOpenKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueExA
RegEnumKeyW
RegQueryInfoKeyA
RegLoadKeyA
RegEnumKeyExA

kernel32

ReadFile
CreateThread
CreateProcessA
SetLastError
CopyFileExA
GetCommandLineA
CopyFileA
FindFirstFileA
FindAtomA
CreateDirectoryA
GlobalFree
CopyFileW
GetFileTime
CopyFileExW
DeleteAtom
GetStdHandle
OpenFileMappingA
GetLastError
GetFileSize

comctl32

ImageList_DrawEx
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_Create
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_LoadImage
ImageList_ReplaceIcon
ImageList_GetIcon
InitCommonControls
ImageList_DragLeave
ImageList_AddIcon
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Read
ImageList_Merge

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 56KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 717B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1ea2413c97cbd033c85d5cc54a053d2

Headers

File Characteristics

Imports

user32

advapi32

kernel32

comctl32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 56KB - Virtual size: 115KB

.rsrc Size: 4KB - Virtual size: 717B

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 56KB - Virtual size: 115KB

.rsrc
Size: 4KB - Virtual size: 717B