b83abfa9c8ebfb72d34cf990c1269092_JaffaCakes118

General

Target

b83abfa9c8ebfb72d34cf990c1269092_JaffaCakes118
Size

29KB
MD5

b83abfa9c8ebfb72d34cf990c1269092
SHA1

6945c08dcd8156e4bff7b14344af80c805f76e25
SHA256

7bc297f658cb5ceaf92023cd6292baa52907bfbd6df99ba78f8a335c1d18b833
SHA512

c7a1daf830cf9730d0897548f63cd07e404f2df7d346a8b0b1a9d2a03440ac3d911155923b28d63584a5050eebd5706cb753b99e214c3b5ab45760e787d1964e
SSDEEP

384:TGsaVaNK73DVyIP+VPXDmj1/G662MtoOJ+BPJwKWK:TGscsKDDVyImVPiBNbMGEGzWK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b83abfa9c8ebfb72d34cf990c1269092_JaffaCakes118

Files

b83abfa9c8ebfb72d34cf990c1269092_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53ee37f7bfa8f8e8a643794b0f7320ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
LCMapStringW
GetVersion
TerminateProcess
CreateFileA
lstrcpynW
GetModuleFileNameA
GetOEMCP
GetCurrentProcess
lstrcatA
LCMapStringA
SetFilePointer
GetStartupInfoA
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetStdHandle
GetStringTypeA
lstrcpynA
SetHandleCount
lstrcpyA
GetACP
GetCommandLineA

user32

CopyImage
CopyIcon
CopyRect
LoadMenuA
DrawIcon
GetWindowTextLengthA
CloseWindow
LoadCursorA
GetWindowTextA
IsMenu
DrawTextA
GetCursor
InsertMenuA
EndDialog
CreateIcon
GetFocus
DrawIconEx
DrawTextW
GetMenu
DialogBoxParamA
GetDlgItem
GetDC
IsWindow
DialogBoxParamW

comctl32

CreateMappedBitmap
CreateStatusWindow
ImageList_Copy
DrawStatusTextW
ImageList_LoadImageA
ImageList_AddIcon
MenuHelp
ImageList_DragEnter
ImageList_Draw
ImageList_EndDrag

advapi32

RegSetValueA
RegDeleteValueW
RegEnumValueA
RegEnumKeyW
RegCreateKeyExA
RegSetValueW
RegOpenKeyExW
RegOpenKeyW
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53ee37f7bfa8f8e8a643794b0f7320ed

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17.7MB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17.7MB