c06abee5fa42107ea0a8c6c228d082f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c06abee5fa42107ea0a8c6c228d082f1_JaffaCakes118
Size

84KB
MD5

c06abee5fa42107ea0a8c6c228d082f1
SHA1

b3b11cf00ec8926d6b442aeb58f514b700f0e5e2
SHA256

96ea69aaaaf1780ade9e6aef3cd63a308bc5ae5b2b8a5cc9183b9b44ce05f3e2
SHA512

394e3a27631ac0c28fb6247f4d5a42afe6f96c6e758c76c726dcb778706f5b18995aa02c14734afaddf860d3a405a5e410a2f93b9d7e66cee6f1039c772533b1
SSDEEP

1536:0H6242v4N1wbw6ttrN6JWpwFZMCTa4nf2Z0foDjCPtTKps4g:03gzwbxttuZfa4nfEcTssN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c06abee5fa42107ea0a8c6c228d082f1_JaffaCakes118

Files

c06abee5fa42107ea0a8c6c228d082f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

259c91a15721646c4827fa86f845827d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Read
ImageList_DragEnter
ImageList_DrawIndirect
ImageList_BeginDrag
ImageList_Draw
ImageList_LoadImageA
ImageList_AddIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Merge
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetImageRect
ImageList_EndDrag
ImageList_GetImageInfo
ImageList_Destroy
ImageList_LoadImageW
ImageList_DragMove
ImageList_DrawEx

gdi32

AddFontResourceExW
CloseMetaFile
RestoreDC
AddFontResourceExA
GetBrushOrgEx
BitBlt
AbortPath
CopyMetaFileA
GetCurrentPositionEx
AddFontResourceTracking
GetClipBox
AddFontResourceW
ExcludeClipRect
CreateSolidBrush
SetTextColor
ExtTextOutA
AddFontMemResourceEx
BeginPath
CloseFigure
ClearBrushAttributes

user32

GetDlgItem
IsWindow
LoadCursorA
GetWindowTextLengthA
CreateIcon
AlignRects
CloseWindow
CopyRect
CopyIcon
CalcMenuBar
DrawTextW
DrawTextA
DrawIcon
BlockInput
IsMenu
GetMenu
GetWindowTextA
GetCursor
LoadMenuA

kernel32

SetLastError
WriteFile
CreateThread
DeleteFileW
GetFileTime
DeleteAtom
OpenFileMappingA
GetCommandLineA
GetFileSize
FindAtomA
CreateDirectoryA
GlobalFree
ReadConsoleA
GetConsoleMode
ExitThread
FindFirstFileA
GetCPInfo
CopyFileA
ReadFile

advapi32

RegEnumKeyExW
RegQueryValueW
RegOpenKeyExA
RegReplaceKeyA
RegQueryInfoKeyA
RegOpenKeyA
RegCreateKeyExA
RegQueryValueExW
RegQueryValueA
RegCreateKeyW
RegEnumValueA
RegFlushKey
RegReplaceKeyW
RegQueryValueExA
RegEnumKeyW
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyA
RegEnumKeyExA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

259c91a15721646c4827fa86f845827d

Headers

File Characteristics

Imports

comctl32

gdi32

user32

kernel32

advapi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 123KB

.reloc Size: - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 123KB

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB