8459f4f7e6091c72b3f9e13dcf188fec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8459f4f7e6091c72b3f9e13dcf188fec_JaffaCakes118
Size

29KB
MD5

8459f4f7e6091c72b3f9e13dcf188fec
SHA1

e43b0e0b2a0fce3fd7586afbb16747780093b15b
SHA256

5554b7a15093aef202756281cb4a1b4ec5a38584e04c7ae78f57db0bea0eb6f5
SHA512

c2de83956546693fb54560be4bf4eeb3d4e1f214d49d0662fb5c79042d00a869fe9c142804f2e03c14aec7a625d909abdac8ce87eea202bfeb2907624d2ca91e
SSDEEP

384:737oNHKb6nLMVjTUCgvRb0qN8Axp0XEep0ZveSaDhh1KBO2utIXEjgHhsG2JM:3xbmwVj/FqNjxOX04SaDhhkBO21sGR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8459f4f7e6091c72b3f9e13dcf188fec_JaffaCakes118

Files

8459f4f7e6091c72b3f9e13dcf188fec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f117cd343f6f8ce08dcb0474d7cc96e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetClipBox
GetBrushOrgEx
AddFontResourceW
AddFontResourceTracking
AddFontResourceA
DeleteDC
RestoreDC
AddFontMemResourceEx
BeginPath
BitBlt
GetPixel
ExcludeClipRect
GetPixel
GetDCOrgEx
GetBitmapBits
SetTextColor
ExtTextOutA
CopyMetaFileA
AddFontResourceExW
DeleteObject
AbortPath
AddFontResourceExA
CancelDC
CloseFigure
ClearBrushAttributes

kernel32

DeleteFileA
ReadConsoleA
CreateProcessA
GetLastError
OpenFileMappingA
CopyFileA
FindAtomA
WriteFile
GetComputerNameA
GetFileTime
GetConsoleMode
GetStdHandle
OpenFile
CopyFileExA
DeleteFileW
GetFileSize
CopyFileExW
GlobalFree
CreateThread
GetCommandLineA
CopyFileW
ReadFile
GetCPInfo
Sleep
SetLastError
DeleteAtom

advapi32

RegLoadKeyA
RegReplaceKeyW
RegQueryValueA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyW
RegCreateKeyExW
RegQueryInfoKeyA
RegOpenKeyW
RegReplaceKeyA
RegFlushKey
RegQueryValueW
RegEnumKeyA
RegEnumValueA
RegOpenKeyExW
RegEnumKeyExA
RegDeleteValueW
RegEnumKeyW
RegOpenKeyA
RegEnumValueW
RegLoadKeyW

comctl32

ImageList_Destroy
ImageList_DragLeave
ImageList_DrawIndirect
ImageList_Create
ImageList_Replace
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_ReplaceIcon
ImageList_GetDragImage
ImageList_LoadImageA
ImageList_AddIcon
ImageList_Remove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DragMove
ImageList_LoadImageW
ImageList_AddMasked
ImageList_GetIconSize

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 513B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 691B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f117cd343f6f8ce08dcb0474d7cc96e6

Headers

File Characteristics

Imports

gdi32

kernel32

advapi32

comctl32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 19KB - Virtual size: 53KB

.reloc Size: - Virtual size: 513B

.rsrc Size: 1024B - Virtual size: 691B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 19KB - Virtual size: 53KB

.reloc
Size: - Virtual size: 513B

.rsrc
Size: 1024B - Virtual size: 691B