a7c6dd35ca4c2b630df9613a2bb22732_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7c6dd35ca4c2b630df9613a2bb22732_JaffaCakes118
Size

323KB
MD5

a7c6dd35ca4c2b630df9613a2bb22732
SHA1

51db0cbbffcf6657edafe3a12258ae7e2f03647a
SHA256

7e9f61c321131d29d67060fd7fea630ca536a00961d99e3a492d7c48b109adbc
SHA512

c538be69601b20650eb564e5c99781c82025ce7ae9d8cfdf37ff76784b9ad8598dde97f560fb7d817f279ca44f662f658ed968055afd91279405e8084ced2110
SSDEEP

6144:NKWr6WJLXh1DVpR+l1rXUOhc6M0lp8Qs/TNwr6RcSivpE3iZ6J:1rvxp8XHcKILrNwr/pE3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7c6dd35ca4c2b630df9613a2bb22732_JaffaCakes118

Files

a7c6dd35ca4c2b630df9613a2bb22732_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c49d1836415ae436968ffb06051b3038

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

LoadMenuA
CopyIcon
GetWindowTextLengthA
LoadCursorA
GetFocus
DialogBoxParamW
GetDlgItem
DrawTextA
InsertMenuA
DrawTextW
DrawIconEx
GetCursor
DialogBoxParamA
EndDialog
CopyRect

kernel32

Sleep
ReadFile
CreateProcessA
CreateThread
GetLastError
OpenFileMappingA
OpenFile
ExitThread
DeleteFileA
SetLastError
GlobalFree
DeleteAtom
GetFileSize
GetStdHandle
GetComputerNameA
GetCPInfo
GetCommandLineA
WriteFile
ReadConsoleA
FindAtomA
GetFileTime
FindFirstFileA
DeleteFileW

comctl32

DrawStatusText
ImageList_LoadImageA
CreateStatusWindow
CreateToolbarEx
MenuHelp
DllGetVersion
ImageList_GetIconSize
ImageList_Add
CreateStatusWindowW

advapi32

RegEnumKeyW
RegOpenKeyW
RegEnumKeyA
RegOpenKeyExA
RegCreateKeyW
RegDeleteKeyW
RegQueryValueW
RegSetValueA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyA
RegCreateKeyA
RegSetValueW
RegDeleteKeyA
RegQueryValueExW
RegEnumKeyExA
RegQueryValueA
RegEnumValueW
RegDeleteValueW
RegEnumValueA

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 234KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 333B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 838B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c49d1836415ae436968ffb06051b3038

Headers

File Characteristics

Imports

user32

kernel32

comctl32

advapi32

Sections

.text Size: 47KB - Virtual size: 47KB

.data Size: 270KB - Virtual size: 269KB

.bbs Size: - Virtual size: 234KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 333B

.rdata Size: 512B - Virtual size: 838B

.rsrc Size: 1024B - Virtual size: 108KB

.text
Size: 47KB - Virtual size: 47KB

.data
Size: 270KB - Virtual size: 269KB

.bbs
Size: - Virtual size: 234KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 333B

.rdata
Size: 512B - Virtual size: 838B

.rsrc
Size: 1024B - Virtual size: 108KB