a784a0becf479ba79a00862bdbe88c42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a784a0becf479ba79a00862bdbe88c42_JaffaCakes118
Size

96KB
MD5

a784a0becf479ba79a00862bdbe88c42
SHA1

91a12d5154d5181bef5f338d041645caddffb727
SHA256

eb5043abf80b12e2e2ce57baa0ad3a65017057a90ed0cee517ce5587a2b549e1
SHA512

6db02c5aa485dfa0280be5aeca28120310c461814afa425c27d3c09e36338778fd88380f398d905edb878f66eba53ab6f38565b8b731d70af211b45888c83513
SSDEEP

1536:6LxPH412Bb2vFdw9lMx6xG4a55WpC9ePQb/O/qlecp8rk6T2:6ZY4BMkrx2fWpC99bmOZqk6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a784a0becf479ba79a00862bdbe88c42_JaffaCakes118

Files

a784a0becf479ba79a00862bdbe88c42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dee688bd3a94795ef03a43a054d08f4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BlockInput
GetMenu
CalcMenuBar
LoadMenuA
CopyRect
GetDC
CopyIcon
GetCursor
CreateIcon
DialogBoxParamA
GetWindowTextLengthA
GetDlgItem
DrawIcon
CopyImage
IsWindow
EndDialog
DrawTextW
IsMenu
DrawTextA
DialogBoxParamW

gdi32

GetDCOrgEx
SetTextColor
AbortPath
ExtTextOutA
GetPixel
GetCurrentPositionEx
CreateSolidBrush
GetBrushOrgEx
DeleteDC
CancelDC
ClearBitmapAttributes
AddFontResourceA
BitBlt
CopyMetaFileA
CloseFigure
CloseMetaFile
AddFontResourceExA
GetPixel
AddFontResourceExW
ClearBrushAttributes
AddFontMemResourceEx

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegDeleteKeyW
RegOpenKeyExA
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegCreateKeyW
RegQueryValueW
RegLoadKeyA
RegDeleteValueA
RegReplaceKeyA
RegOpenKeyW
RegEnumValueA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyExW

kernel32

GetConsoleMode
ReadConsoleA
GetFileSize
FindAtomA
ExitThread
WriteFile
DeleteAtom
GlobalFree
CopyFileExA
OpenFileMappingA
ReadFile
CopyFileW
DeleteFileA
DeleteFileW
Sleep
GetStdHandle
GetLastError
CreateThread

comctl32

ImageList_Read
ImageList_GetIcon
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Remove
ImageList_Replace
ImageList_Merge
ImageList_AddMasked
ImageList_EndDrag
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_LoadImageA
ImageList_Destroy
ImageList_GetIconSize
ImageList_GetImageRect
ImageList_DragLeave
ImageList_LoadImageW
ImageList_AddIcon

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dee688bd3a94795ef03a43a054d08f4f

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

comctl32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 189KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 189KB

.rsrc
Size: 16KB - Virtual size: 16KB