b9e5931e93561a37b78f050272fc7b0a_JaffaCakes118

General

Target

b9e5931e93561a37b78f050272fc7b0a_JaffaCakes118
Size

84KB
MD5

b9e5931e93561a37b78f050272fc7b0a
SHA1

1cab512dc541f5587344b036081d7f3b0df34c79
SHA256

53665785c1b2df036b03b1135c81c083d5e839ea686862e3f14f7af61caeeff7
SHA512

65f31619fedf45868662326684e2728d950eed4f0e241c7bbee8690097c190f97b6ff53bf3ccc1ccd1ee0c00d3c4c1ddb3375b10a19a6ab8b4060c16146a299c
SSDEEP

1536:Y4mmhl/NCcHJNKWUqDHMi6wlBjrY7lykScF4FqY:YKhl/RSF+HMyXjrY78krF6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9e5931e93561a37b78f050272fc7b0a_JaffaCakes118

Files

b9e5931e93561a37b78f050272fc7b0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a8d045da74b1a11efb015ab9f127238

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyA
RegDeleteValueW
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyW
RegCreateKeyW
RegFlushKey
RegDeleteKeyW
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExW
RegOpenKeyA
RegQueryValueExW
RegQueryInfoKeyW
RegQueryValueExA
RegOpenKeyExA

comctl32

ImageList_LoadImageW
ImageList_LoadImage
ImageList_Destroy
ImageList_AddIcon
ImageList_DragEnter
ImageList_LoadImageA
ImageList_GetImageInfo
ImageList_Draw
ImageList_Copy
ImageList_Create
ImageList_DragShowNolock
ImageList_Merge
ImageList_DragLeave
ImageList_EndDrag
ImageList_Remove
ImageList_BeginDrag

user32

GetDlgItem
CopyIcon
CloseWindow
DrawIconEx
DrawTextA
GetWindowTextLengthA
InsertMenuA
BlockInput
DialogBoxParamA
LoadCursorA
CreateIcon
AppendMenuA
GetWindowTextA
EndDialog
AppendMenuW
GetCursor
GetMenu
LoadMenuA
AlignRects
DrawTextW

kernel32

DeleteFileW
GetCommandLineA
GetLastError
FindAtomA
CopyFileW
GetCPInfo
OpenFileMappingA
WriteFile
ExitThread
GlobalFree
GetStdHandle
DeleteAtom
GetFileTime
ReadFile
GetConsoleMode
SetLastError
CopyFileExA
Sleep
ReadConsoleA
FindFirstFileA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a8d045da74b1a11efb015ab9f127238

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 64KB - Virtual size: 118KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 64KB - Virtual size: 118KB

.rsrc
Size: 4KB - Virtual size: 2KB