b931c476e4029303aecd838aebe1f41a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b931c476e4029303aecd838aebe1f41a_JaffaCakes118
Size

84KB
MD5

b931c476e4029303aecd838aebe1f41a
SHA1

0562bbe868f49310df580f3d7f34bf1f9808aeb4
SHA256

1a8eddf89f0da07d6dce0c7038d9cf21277e039c23123135e774f4c687e9df6d
SHA512

81512757d07b86d00399ebf4c89382242495dc52ad4ab3dd32f1594454f6a0940de6df629d5da7e4d5d1ca60955151c67c296bd57239b2def38c8a895a2cc0bd
SSDEEP

1536:GMPGV/u5HfChRN8r9GUzHEUrN6H+eeOvY9zCjuZYiyAI:C/Ufu8rhbEUrEH+eeOMzCjuqAI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b931c476e4029303aecd838aebe1f41a_JaffaCakes118

Files

b931c476e4029303aecd838aebe1f41a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

984a7f24d32ce1c983543426ee9da82b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegLoadKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyW
RegReplaceKeyW
RegReplaceKeyA
RegOpenKeyA
RegOpenKeyW
RegEnumKeyExA
RegCreateKeyW
RegDeleteKeyW
RegFlushKey
RegCreateKeyExW
RegQueryValueW
RegQueryValueA
RegDeleteValueW
RegOpenKeyExA
RegEnumKeyExW
RegLoadKeyA

gdi32

CreateSolidBrush
AddFontResourceExA
RestoreDC
AddFontResourceExW
ExcludeClipRect
ExtTextOutA
AbortPath
GetBrushOrgEx
AddFontResourceA
GetClipBox
GetDCOrgEx
ClearBrushAttributes
CloseMetaFile
GetPixel
AddFontResourceTracking
AddFontMemResourceEx
ClearBitmapAttributes
CloseFigure
BitBlt
CopyMetaFileA

comctl32

ImageList_Read
ImageList_DragLeave
ImageList_DrawIndirect
ImageList_Copy
ImageList_EndDrag
ImageList_Replace
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_DrawEx
ImageList_AddMasked
ImageList_LoadImageW
ImageList_GetImageInfo
ImageList_Create
InitCommonControls
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_DragMove
ImageList_GetImageCount
ImageList_Draw
ImageList_DragEnter

kernel32

HeapFree
lstrcmpA
HeapAlloc
Sleep
SetLastError
GetLastError
GetCPInfo
GlobalFree
GetStdHandle
GetModuleHandleA
FreeLibrary
GetFileAttributesA
GetModuleFileNameA
CloseHandle
GetCommandLineA
lstrlenA
GetFileType

user32

InsertMenuA
IsWindow
DrawIcon
DialogBoxParamW
CreateIcon
GetWindowTextLengthA
CopyIcon
DrawTextW
LoadMenuA
EndDialog
CopyRect
DrawIconEx
GetCursor
AppendMenuW
GetDlgItem
IsMenu
GetDC
DrawTextA
CloseWindow

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 834B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

984a7f24d32ce1c983543426ee9da82b

Headers

File Characteristics

Imports

advapi32

gdi32

comctl32

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 64KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 93KB

.INIT Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 834B

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 64KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 93KB

.INIT
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 834B