b9729958d359c9258b8c3a91aee5c95c_JaffaCakes118

General

Target

b9729958d359c9258b8c3a91aee5c95c_JaffaCakes118
Size

89KB
MD5

b9729958d359c9258b8c3a91aee5c95c
SHA1

a9e611c3f5bc0e963eccda9bdd3d02ff57af8077
SHA256

624ae3af134fcc05ce89a8d24c0e742847aaeaf95247b795f62e2ec5277c4fae
SHA512

d47eaf237554262d90cbc3a456f3dacc9e094a738f508fc1d94ce446c295385165eca0bda8b61200224b88c0b9d1d4703831d86ab9960fb2beaf9a192ba93204
SSDEEP

1536:vuBX2NQZ5TgB5akZvT/trhGpkapTpEDYYkJWpCtydd46:vcXiQZ5nkZvTFVGprVUYYcybt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9729958d359c9258b8c3a91aee5c95c_JaffaCakes118

Files

b9729958d359c9258b8c3a91aee5c95c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

406fd58f4fb84ffca683d10e7ed2fbc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyW
RegCreateKeyExW
RegReplaceKeyA
RegQueryValueExA
RegEnumKeyExA
RegCreateKeyW
RegLoadKeyA
RegFlushKey
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExA
RegOpenKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyW

user32

DrawIcon
GetMenu
AlignRects
EndDialog
CreateIcon
LoadMenuA
IsWindow
CopyIcon
BlockInput
DialogBoxParamW
AppendMenuW
CopyRect
CloseWindow
IsMenu
CopyImage
InsertMenuA
DrawTextW
GetDlgItem
GetWindowTextLengthA

kernel32

GetFileSize
Sleep
lstrcmpA
WideCharToMultiByte
GetFileAttributesA
CloseHandle
GetModuleFileNameA
GetDateFormatA
GetLastError
GetLocalTime
GetCommandLineA
lstrcmpiA
GetFileType
HeapAlloc
SetLastError
lstrlenA
lstrcatA

comctl32

ImageList_Merge
ImageList_Remove
ImageList_Copy
InitCommonControls
ImageList_GetImageRect
ImageList_ReplaceIcon
ImageList_LoadImage
ImageList_LoadImageA
ImageList_Destroy
ImageList_GetImageCount
ImageList_DragLeave
ImageList_DragEnter
ImageList_GetDragImage
ImageList_EndDrag
ImageList_Replace
ImageList_GetImageInfo

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 7KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.res
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

406fd58f4fb84ffca683d10e7ed2fbc0

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

.text Size: 14KB - Virtual size: 13KB

.adata Size: 60KB - Virtual size: 60KB

.bdata Size: 7KB - Virtual size: 74KB

.res Size: 3KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.adata
Size: 60KB - Virtual size: 60KB

.bdata
Size: 7KB - Virtual size: 74KB

.res
Size: 3KB - Virtual size: 2KB