88ea9db6df7a561668a936923517e3cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

88ea9db6df7a561668a936923517e3cc_JaffaCakes118
Size

132KB
MD5

88ea9db6df7a561668a936923517e3cc
SHA1

5bbac42e18244d3f9bd45559e15a6dd9e4124ee9
SHA256

c4a3482fbabe3d43763af0ca99b754a8a539e5bc08bb3b6231e8b61cf9e40259
SHA512

7e7b8059b675c73dfc5eeae35c7b20921c7beba5e08166ab7de41b19c7c009d1efd54340a4cf49d6c7e093b67377b03ac462af10cdee95d21d2b39715f5f3bec
SSDEEP

1536:SvO7vON4u+JG5FK3TWVUtPw80t9RrTUcq8bh8s3q7VoagHu:8O6N4H85FKD0U0xq8Pa7Voa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88ea9db6df7a561668a936923517e3cc_JaffaCakes118

Files

88ea9db6df7a561668a936923517e3cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72d8fcbeb96126f97b7a46ba4fa9b690

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueW
RegEnumKeyA
RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
RegDeleteValueW
RegEnumKeyExA
RegReplaceKeyW
RegDeleteValueA
RegQueryValueA
RegQueryInfoKeyA
RegGetKeySecurity
RegOpenKeyA
RegReplaceKeyA
RegCreateKeyW
RegEnumValueA
RegLoadKeyA
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA
RegOpenKeyW
RegFlushKey

kernel32

ReadConsoleA
CreateThread
CopyFileW
CopyFileA
ExitThread
ReadConsoleW
ReadFile
DeleteAtom
DeleteFileW
GetFileTime
SetLastError
OpenFile
GetStdHandle
CopyFileExW
FindFirstFileA
FindAtomA
Sleep
GetCPInfo

comctl32

ImageList_GetIconSize
ImageList_Merge
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_GetImageRect
ImageList_Destroy
ImageList_Draw
ImageList_GetDragImage
ImageList_AddIcon
ImageList_BeginDrag
ImageList_LoadImage
ImageList_GetImageCount
ImageList_Create
ImageList_DrawIndirect

gdi32

ExcludeClipRect
AddFontResourceExA
CopyMetaFileA
RestoreDC
AddFontResourceTracking
CreateSolidBrush
GetBrushOrgEx
CloseFigure
GetPixel
AbortPath
ClearBrushAttributes
BeginPath
DeleteObject
DeleteDC
GetCurrentPositionEx
BitBlt
CloseMetaFile
AddFontMemResourceEx
GetPixel
CloseMetaFile
GetDCOrgEx
AddFontResourceTracking
CloseFigure
BitBlt
GetBrushOrgEx
AddFontResourceExA
CancelDC
GetPixel
ClearBrushAttributes
BeginPath
AddFontMemResourceEx
ExtTextOutA
AddFontResourceW
DeleteObject
CreateSolidBrush
GetBitmapBits
ExcludeClipRect
DeleteDC
AddFontResourceA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72d8fcbeb96126f97b7a46ba4fa9b690

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

gdi32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 5KB

.edata Size: 4KB - Virtual size: 2KB

.data Size: 72KB - Virtual size: 3.7MB

.tls Size: 4KB - Virtual size: 208B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 5KB

.edata
Size: 4KB - Virtual size: 2KB

.data
Size: 72KB - Virtual size: 3.7MB

.tls
Size: 4KB - Virtual size: 208B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 20KB - Virtual size: 19KB