be3323a599794cdc841bb366f0484dca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

be3323a599794cdc841bb366f0484dca_JaffaCakes118
Size

82KB
MD5

be3323a599794cdc841bb366f0484dca
SHA1

3993776e4fdf281b2ca8e89bcbff1eee50896966
SHA256

9606f22905ba9e23b4a47db12506c41266955f2f56ac41dca904f8641c57d812
SHA512

31bcd4afaea40784002bb5180ac2d273f4d76f21558e02e2d352b1353a2dd8c929a43c2f757818cf47130ea168972d85e7c47ec8e0ababaf4099b7820f023949
SSDEEP

1536:Q1RFajNM92X2MfifH6+lfVrRm1y/Fn+ERj5p3e7a7l98l7X/k:Qz8RK2X2MKfRlfbUKu7Ql98B/k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be3323a599794cdc841bb366f0484dca_JaffaCakes118

Files

be3323a599794cdc841bb366f0484dca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7a94e9d0dac4633f1683ae6c4aeeebc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
DeleteFileA
GetLastError
GetStringTypeA
GetLastError
ExitProcess
GetLastError
GetStringTypeW
GetLastError
GetCommandLineA
GetLastError
lstrcmpiA
GetLastError
lstrlenA
GetLastError
GetLastError
GetLastError
lstrcmpA
GetLastError

advapi32

RegOpenKeyExW
RegQueryValueW
RegQueryInfoKeyW
RegOpenKeyA
RegEnumValueA
RegReplaceKeyW
RegReplaceKeyA
RegCreateKeyW
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyExW
RegLoadKeyW
RegQueryValueExW
RegEnumKeyA
RegEnumValueW
RegGetKeySecurity
RegEnumKeyExA
RegDeleteValueW
RegOpenKeyW
RegEnumKeyExW
RegQueryValueA
RegQueryValueExA
RegDeleteValueA
RegEnumKeyW
RegLoadKeyA
RegQueryInfoKeyA
RegDeleteKeyA
RegFlushKey
RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyW
RegEnumKeyW
RegEnumValueA
RegDeleteValueW
RegDeleteKeyW
RegDeleteKeyA
RegQueryValueW
RegQueryInfoKeyW
RegOpenKeyA
RegCreateKeyExA
RegEnumValueW
RegReplaceKeyA
RegCreateKeyExW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegDeleteValueA
RegQueryValueA
RegReplaceKeyW
RegLoadKeyW
RegQueryValueExW
RegLoadKeyA
RegGetKeySecurity
RegEnumKeyExA
RegOpenKeyW
RegEnumKeyA
RegQueryValueExA
RegFlushKey

user32

LoadMenuA
DialogBoxParamW
DrawTextA
DrawIconEx
CloseWindow
CreateIcon
IsMenu
GetWindowTextLengthA
GetMenu
CopyRect
GetDlgItem
InsertMenuA
GetWindowTextA
DialogBoxParamA
AlignRects
AppendMenuW
AppendMenuA
CopyIcon
GetDC
EndDialog
IsWindow
DrawIcon
CopyImage
DrawTextW
LoadCursorA
GetCursor
GetFocus
CalcMenuBar
BlockInput
GetCursor
GetFocus
GetDC
CopyRect
DialogBoxParamA
CreateIcon
BlockInput
GetWindowTextA
GetDlgItem
LoadMenuA
AlignRects
CloseWindow
LoadCursorA
GetWindowTextLengthA
DrawTextW
IsMenu
DrawIconEx
AppendMenuA
CalcMenuBar
DrawTextA
CopyIcon
DialogBoxParamW
CopyImage
AppendMenuW
DrawIcon
GetMenu
IsWindow
EndDialog
InsertMenuA

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7a94e9d0dac4633f1683ae6c4aeeebc

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 49KB - Virtual size: 48KB

.rdata Size: 9KB - Virtual size: 46KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 49KB - Virtual size: 48KB

.rdata
Size: 9KB - Virtual size: 46KB

.rsrc
Size: 1024B - Virtual size: 4KB