962d7ba5319374fbb6de7a0869e0bc07_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

962d7ba5319374fbb6de7a0869e0bc07_JaffaCakes118
Size

2.0MB
MD5

962d7ba5319374fbb6de7a0869e0bc07
SHA1

6876c5cebde692334cef2f1222eec74c51fe9139
SHA256

3de2c9980f808714e25227e564d56134b5ca4b6ab1f32fbf078fe3ceb30b1734
SHA512

279accb513f1a8c2636adb8211f13c934ff5ab05dbc2fd12e3c1f645f993b8e7391f1fc89416228d9ceff43b0b496c0f0ab49acfffa62721e33fc8282ee683a3
SSDEEP

24576:WySwWjZbomxUdjyuUzMyp+kMSC8Y4bMggKXoRHg5nK7kuJ:pRWjJofyuUz/p+h8gAUt7kuJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
962d7ba5319374fbb6de7a0869e0bc07_JaffaCakes118

Files

962d7ba5319374fbb6de7a0869e0bc07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dff4aa4477593b1c9bb48e09d0b81d5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControls
ImageList_Replace
ImageList_Create
ImageList_AddMasked
ImageList_DragEnter
ImageList_DrawEx
ImageList_Read
ImageList_GetImageInfo
ImageList_LoadImage
ImageList_BeginDrag
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_DrawIndirect
ImageList_Merge
ImageList_LoadImageW
ImageList_Remove
ImageList_DragMove
ImageList_LoadImageA

advapi32

RegDeleteKeyW
RegOpenKeyW
RegQueryValueExA
RegDeleteValueA
RegReplaceKeyW
RegOpenKeyA
RegEnumKeyW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegEnumValueW
RegCreateKeyExA
RegQueryValueW
RegDeleteValueW
RegQueryValueExA
RegEnumValueW
RegOpenKeyW
RegReplaceKeyA
RegCreateKeyW
RegEnumKeyW
RegEnumKeyA
RegEnumKeyExA
RegOpenKeyExA
RegEnumKeyExW
RegOpenKeyA
RegDeleteValueA
RegEnumValueA
RegLoadKeyA
RegLoadKeyW
RegLoadKeyA
RegGetKeySecurity
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteValueW
RegReplaceKeyW
RegEnumValueW
RegFlushKey
RegOpenKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryInfoKeyW
RegLoadKeyW
RegReplaceKeyA
RegLoadKeyA
RegQueryValueW
RegQueryInfoKeyA
RegReplaceKeyW
RegDeleteKeyA
RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExW
RegOpenKeyExA
RegFlushKey
RegEnumKeyA
RegGetKeySecurity
RegCreateKeyW

kernel32

GetFileTime
GetCommandLineA
ReadConsoleW
FindAtomA
CopyFileExA
CreateThread
Sleep
CopyFileW
CopyFileExW
CreateDirectoryA
ReadConsoleA
DeleteFileW
GetLastError
WriteFile
GetFileSize

Sections

CODE
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zdysBh
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lmYUNT
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 1.7MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YKYKlj
Size: 4KB - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAsasy
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zIHwnC
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dff4aa4477593b1c9bb48e09d0b81d5d

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

Sections

CODE Size: 264KB - Virtual size: 261KB

.zdysBh Size: 8KB - Virtual size: 5KB

.qdata Size: 8KB - Virtual size: 5KB

.lmYUNT Size: 8KB - Virtual size: 4KB

.mdata Size: 1.7MB - Virtual size: 5.4MB

.YKYKlj Size: 4KB - Virtual size: 290B

.GAsasy Size: 4KB - Virtual size: 1KB

.zIHwnC Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 4KB

CODE
Size: 264KB - Virtual size: 261KB

.zdysBh
Size: 8KB - Virtual size: 5KB

.qdata
Size: 8KB - Virtual size: 5KB

.lmYUNT
Size: 8KB - Virtual size: 4KB

.mdata
Size: 1.7MB - Virtual size: 5.4MB

.YKYKlj
Size: 4KB - Virtual size: 290B

.GAsasy
Size: 4KB - Virtual size: 1KB

.zIHwnC
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 4KB