d19e1c8a8e1b1a5343ec001af1a00d09_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d19e1c8a8e1b1a5343ec001af1a00d09_JaffaCakes118
Size

72KB
MD5

d19e1c8a8e1b1a5343ec001af1a00d09
SHA1

1619ad5c9200010bfcc09b83d864b45b304b6c8d
SHA256

63504980d6c845f61cf86063e2ee341f804bdaf497bc4524de2a9d9f8de77335
SHA512

0b40c1498ae776aac8158f058d899fbba8a9af9463d2b52c80418b356cf3a27d4e243147fa56189e39aec60ebdbafbdfbadbc619ff980d2c17382f70cd20e31f
SSDEEP

1536:E2EQ/P1SIF7tQTZ2V/Or+KtW2hkdt3dzXPyiuIS+fu:Em/vW2V/Or+KtVh0LuKfu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d19e1c8a8e1b1a5343ec001af1a00d09_JaffaCakes118

Files

d19e1c8a8e1b1a5343ec001af1a00d09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d149bb358402344eeb87cdceb7df45ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCurrentPositionEx
ExtTextOutA
SetTextColor
AddFontResourceW
CancelDC
GetPixel
ClearBrushAttributes
CopyMetaFileA
BitBlt
ExcludeClipRect
BeginPath
CloseMetaFile
CreateSolidBrush
AbortPath
GetClipBox
AddFontResourceTracking
GetDCOrgEx
AddFontMemResourceEx
GetBrushOrgEx
ClearBitmapAttributes
DeleteDC

advapi32

RegOpenKeyA
RegEnumValueA
RegCreateKeyExW
RegLoadKeyA
RegLoadKeyW
RegEnumValueW
RegOpenKeyExA
RegDeleteKeyW
RegCreateKeyExA
RegQueryValueW
RegEnumKeyA
RegEnumKeyExA
RegQueryValueExW
RegDeleteKeyA
RegGetKeySecurity
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyW
RegReplaceKeyW

comctl32

ImageList_Copy
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_Merge
ImageList_Create
ImageList_DrawEx
ImageList_LoadImage
ImageList_Replace
ImageList_GetImageInfo
ImageList_DragMove
ImageList_AddIcon
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_BeginDrag
ImageList_Read
ImageList_GetImageRect
ImageList_DragLeave
InitCommonControls
ImageList_LoadImageA
ImageList_ReplaceIcon
ImageList_AddMasked

kernel32

DeleteAtom
GetConsoleMode
ReadConsoleA
GetCPInfo
CopyFileExW
ReadFile
DeleteFileA
WriteFile
GlobalFree
FindFirstFileA
CreateProcessA
ExitThread
DeleteFileW
GetLastError
GetFileSize
OpenFile
GetFileTime
CreateDirectoryA
GetStdHandle

user32

CalcMenuBar
CloseWindow
GetMenu
GetCursor
LoadMenuA
AppendMenuW
BlockInput
DialogBoxParamW
DialogBoxParamA
CopyRect
CreateIcon
DrawTextW
EndDialog
IsWindow
GetWindowTextLengthA
CopyIcon
DrawIcon
GetFocus
GetWindowTextA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 285B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d149bb358402344eeb87cdceb7df45ba

Headers

File Characteristics

Imports

gdi32

advapi32

comctl32

kernel32

user32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 63KB - Virtual size: 169KB

.rsrc Size: 512B - Virtual size: 285B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 63KB - Virtual size: 169KB

.rsrc
Size: 512B - Virtual size: 285B