a1fd25c9144024f533a06f5290df8da0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a1fd25c9144024f533a06f5290df8da0_JaffaCakes118
Size

164KB
MD5

a1fd25c9144024f533a06f5290df8da0
SHA1

044ec25843621d0cc3f3de7f46562bd9907f2594
SHA256

d55086b35c34b1429def8602b344cea6ec05257cdbab297ede3737257fd2845d
SHA512

c9d2eb739dcf12e2987988577d1c5e1ca7c026787525cd1bfffb610763e6bb6c5466b14de45d2f5f41993693dde4d30e9b47c5db9228a173ae64ce6c2ce61245
SSDEEP

1536:sK+az4rrbTusUL0BQ70JG69PIN9rlLEMyjMUbzmlN0cHB:sK5z4rrbS703w3lLE3AUbzw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1fd25c9144024f533a06f5290df8da0_JaffaCakes118

Files

a1fd25c9144024f533a06f5290df8da0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf7726b425fd450036708284d76b0473

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingA
CreateThread
Sleep
GetFileSize
WriteFile
CopyFileExW
ReadConsoleA
ExitThread
CreateDirectoryA
GetCommandLineA
DeleteAtom
OpenFile
GlobalFree
GetFileTime
ReadConsoleW

advapi32

RegQueryValueW
RegReplaceKeyA
RegOpenKeyExA
RegReplaceKeyW
RegCreateKeyExA
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExW
RegEnumKeyA
RegDeleteValueA
RegQueryValueA
RegQueryValueExA
RegDeleteKeyW
RegOpenKeyExW
RegGetKeySecurity
RegEnumValueW
RegEnumValueA
RegQueryInfoKeyA
RegLoadKeyA
RegFlushKey

comctl32

ImageList_DrawIndirect
ImageList_LoadImageW
ImageList_Copy
ImageList_GetIcon
ImageList_DrawEx
ImageList_Create
ImageList_LoadImage
ImageList_DragMove
ImageList_LoadImageA
ImageList_Merge
InitCommonControls
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_Replace
ImageList_Read
ImageList_GetImageRect
ImageList_DragEnter
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Draw
ImageList_Remove

user32

IsMenu
GetMenu
DrawTextW
DialogBoxParamA
GetDlgItem
CloseWindow
GetCursor
AppendMenuW
EndDialog
GetWindowTextLengthA
DrawIcon
AlignRects
AppendMenuA
BlockInput
CopyIcon
GetDC
CopyRect
CalcMenuBar
DrawIconEx
GetWindowTextA
LoadCursorA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf7726b425fd450036708284d76b0473

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 8KB - Virtual size: 4KB

.edata Size: 4KB - Virtual size: 1KB

.data Size: 120KB - Virtual size: 4.3MB

.reloc Size: 4KB - Virtual size: 30B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 8KB - Virtual size: 4KB

.edata
Size: 4KB - Virtual size: 1KB

.data
Size: 120KB - Virtual size: 4.3MB

.reloc
Size: 4KB - Virtual size: 30B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 11KB