c0e7ae28ec6a8d3d3bcd77424cb56bfc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c0e7ae28ec6a8d3d3bcd77424cb56bfc_JaffaCakes118
Size

202KB
MD5

c0e7ae28ec6a8d3d3bcd77424cb56bfc
SHA1

aa77300c0ae1f8752cedfec82c4d5244f993433b
SHA256

e36c9855126b64b405a15e43e761aaa8adf799eb1298da3257f9fc61703e101a
SHA512

50b2ccab809f097d860a9a704212cffac94d7dd6e7e419e1402d2f4e0f09518294ddee1bc8afcc1ce2cf3c7d076eb60ca8eadbae0c9120399d0c8f87f231e6c2
SSDEEP

3072:4Qi6ZpZCrCLmWE+k6GfAP2V4+RrTgNJUGu4EQ6V/H84nvhjE8KJODeB:tZRL1B+AvgTgEBVc4nv1E8WODeB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0e7ae28ec6a8d3d3bcd77424cb56bfc_JaffaCakes118

Files

c0e7ae28ec6a8d3d3bcd77424cb56bfc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f129cc9c2e02447d8b099aebd3c5c920

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ImageList_AddMasked
ImageList_Destroy
ImageList_LoadImage
ImageList_Draw
ImageList_Read
InitCommonControls
ImageList_GetImageInfo
ImageList_DragEnter
ImageList_GetIconSize
ImageList_GetImageCount

user32

GetCursor
AppendMenuA
GetWindowTextLengthA
InsertMenuA
CloseWindow
IsMenu
CopyIcon
GetWindow
GetDlgItem
LoadCursorA
CopyRect
IsWindow
AlignRects
EndDialog
DrawTextA
GetWindowTextLengthA
IsWindow
CopyRect
BlockInput
GetFocus
AppendMenuA
DrawIconEx
CloseWindow
GetMenu
CreateIcon
GetMenu
CopyImage
DialogBoxParamW
GetWindow
LoadCursorA
GetWindowTextA
GetWindowTextLengthA
DrawTextA
AppendMenuA
IsWindow
BlockInput
DrawTextW

advapi32

RegDeleteKeyA
RegReplaceKeyW
RegQueryValueW
RegGetKeySecurity
RegDeleteValueA
RegEnumValueA
RegQueryValueExW
RegLoadKeyW
RegCreateKeyExW
RegEnumKeyW
RegOpenKeyA
RegEnumValueW
RegQueryValueExA
RegQueryInfoKeyW
RegCloseKey
RegReplaceKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyW
RegEnumValueA
RegEnumKeyExW
RegQueryValueExW
RegCreateKeyExW
RegQueryValueExA
RegReplaceKeyA
RegOpenKeyExA
RegFlushKey
RegReplaceKeyW
RegEnumValueW
RegDeleteKeyA
RegQueryValueExW
RegEnumValueA
RegDeleteValueA
RegQueryInfoKeyW
RegReplaceKeyA
RegDeleteValueW
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumValueW
RegQueryValueW
RegQueryValueA
RegOpenKeyW
RegEnumKeyExA
RegLoadKeyW
RegReplaceKeyW

Sections

.tls
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 18B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.b8112
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 978B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f129cc9c2e02447d8b099aebd3c5c920

Headers

File Characteristics

Imports

comctl32

user32

advapi32

Sections

.tls Size: 10KB - Virtual size: 10KB

.data Size: - Virtual size: 3KB

.rdata Size: - Virtual size: 18B

.bss Size: 183KB - Virtual size: 183KB

.b8112 Size: 3KB - Virtual size: 3KB

.edata Size: 1024B - Virtual size: 978B

.rsrc Size: 2KB - Virtual size: 238KB

.tls
Size: 10KB - Virtual size: 10KB

.data
Size: - Virtual size: 3KB

.rdata
Size: - Virtual size: 18B

.bss
Size: 183KB - Virtual size: 183KB

.b8112
Size: 3KB - Virtual size: 3KB

.edata
Size: 1024B - Virtual size: 978B

.rsrc
Size: 2KB - Virtual size: 238KB