cfd54c9570f7530cfaa2972ba22b60b6_JaffaCakes118

General

Target

cfd54c9570f7530cfaa2972ba22b60b6_JaffaCakes118
Size

84KB
MD5

cfd54c9570f7530cfaa2972ba22b60b6
SHA1

e78252b1ac7ab8fdd4d2bda755302be1ff98f301
SHA256

cd01ce9a315f022a6f468498bf4f596aeb96f422d13af2d8fa761f199d0ffc5e
SHA512

4aef320c4a78e2980f39e4339d381013b57e4ba5285edd87a253ae5ed504f47273a282e3b99c545291a4f280b6fefe3dd945b534669a7de586fa5f28698d4e21
SSDEEP

1536:Y4mmhl/NCcHJNKWUqDHMi6wlBjrY7lykScF4Fqu:YKhl/RSF+HMyXjrY78krFk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfd54c9570f7530cfaa2972ba22b60b6_JaffaCakes118

Files

cfd54c9570f7530cfaa2972ba22b60b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a8d045da74b1a11efb015ab9f127238

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyA
RegDeleteValueW
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyW
RegCreateKeyW
RegFlushKey
RegDeleteKeyW
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyExW
RegOpenKeyA
RegQueryValueExW
RegQueryInfoKeyW
RegQueryValueExA
RegOpenKeyExA

comctl32

ImageList_LoadImageW
ImageList_LoadImage
ImageList_Destroy
ImageList_AddIcon
ImageList_DragEnter
ImageList_LoadImageA
ImageList_GetImageInfo
ImageList_Draw
ImageList_Copy
ImageList_Create
ImageList_DragShowNolock
ImageList_Merge
ImageList_DragLeave
ImageList_EndDrag
ImageList_Remove
ImageList_BeginDrag

user32

GetDlgItem
CopyIcon
CloseWindow
DrawIconEx
DrawTextA
GetWindowTextLengthA
InsertMenuA
BlockInput
DialogBoxParamA
LoadCursorA
CreateIcon
AppendMenuA
GetWindowTextA
EndDialog
AppendMenuW
GetCursor
GetMenu
LoadMenuA
AlignRects
DrawTextW

kernel32

DeleteFileW
GetCommandLineA
GetLastError
FindAtomA
CopyFileW
GetCPInfo
OpenFileMappingA
WriteFile
ExitThread
GlobalFree
GetStdHandle
DeleteAtom
GetFileTime
ReadFile
GetConsoleMode
SetLastError
CopyFileExA
Sleep
ReadConsoleA
FindFirstFileA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a8d045da74b1a11efb015ab9f127238

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 64KB - Virtual size: 118KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 64KB - Virtual size: 118KB

.rsrc
Size: 4KB - Virtual size: 2KB