a189d2fbb2f3ed3e72b6e0f3bbd80a4f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a189d2fbb2f3ed3e72b6e0f3bbd80a4f_JaffaCakes118
Size

65KB
MD5

a189d2fbb2f3ed3e72b6e0f3bbd80a4f
SHA1

e39eb24958c9a375b2f4b383b14947e6fa58fa5b
SHA256

c19f283a1a82e6f1dcb45b21bf133a94e6c897b37aa718c589ce65cb35162e02
SHA512

7f251590626837eb677a37090f21f5f0f07f7eb4e1512bacb1a68e234daeec83478e16830c1f87e802337c59282f8c8ee9b3459f4dd046e292d16a112831741d
SSDEEP

384:rOH2kDL6vEjF+/ZwJpQptvQSCzcMLgQQ1RHVB5tTn+HGbLE/Faa+6YbKkxZNJRep:azp0auppcz9LgRtn+HGnOFaaPMKknrM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a189d2fbb2f3ed3e72b6e0f3bbd80a4f_JaffaCakes118

Files

a189d2fbb2f3ed3e72b6e0f3bbd80a4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

396e9dd23db380877cd3c413e45b0788

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
DeleteAtom
WriteFile
OpenFileMappingA
Sleep
FindAtomA
FindFirstFileA
SetLastError
GetStdHandle
GetFileSize
GetCPInfo
OpenFile
GlobalFree
GetComputerNameA
ReadFile
CreateProcessA
CreateThread
GetFileTime
DeleteFileA
GetConsoleMode
GetCommandLineA
ReadConsoleA
GetLastError
DeleteFileW

user32

CreateIcon
IsMenu
IsWindow
GetDlgItem
CopyImage
GetWindowTextLengthA

comctl32

ImageList_Create
DrawStatusTextW
ImageList_GetIcon
ImageList_EndDrag
ImageList_DrawEx
ImageList_LoadImageA
ImageList_Add
ImageList_AddIcon
InitCommonControls

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyA
RegQueryValueW
RegOpenKeyExA
RegEnumValueA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 253B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 32.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 405B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

396e9dd23db380877cd3c413e45b0788

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 512B - Virtual size: 253B

.data Size: 41KB - Virtual size: 32.1MB

.tls Size: 512B - Virtual size: 405B

.rdata Size: 1024B - Virtual size: 536B

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 512B - Virtual size: 253B

.data
Size: 41KB - Virtual size: 32.1MB

.tls
Size: 512B - Virtual size: 405B

.rdata
Size: 1024B - Virtual size: 536B

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB