d6d9a6998ddfc72a004d9826f72ba699_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6d9a6998ddfc72a004d9826f72ba699_JaffaCakes118
Size

48KB
MD5

d6d9a6998ddfc72a004d9826f72ba699
SHA1

cdd9d524e664b3ca5e4194bc178ca3841fdf160a
SHA256

c84be77559457488e9e5dcd0104d4c2f3b2dc7a2b849680d0733b36559be37c5
SHA512

2288642179c520bbf7ecc97c4a87a7438d0af69d19dc6a75aea5437e788ac8e7e8e18a0da312dd5595a3b6e562f41fc9c0a3024e560709631d3fa719cae15333
SSDEEP

384:hwBC+VPZ53+trnCBZg4KOQVoR8bo5RACwZQgFW4Nx1uQ9QtDDkYhCs9Ne1NW7:ahktrnXHoRTwZrFgCQtDDzAsMW7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6d9a6998ddfc72a004d9826f72ba699_JaffaCakes118

Files

d6d9a6998ddfc72a004d9826f72ba699_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a9d46207f96d4fce3621d10a3cc6353

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_EndDrag
ImageList_Copy
ImageList_ReplaceIcon
ImageList_AddIcon
ImageList_Replace
ImageList_GetIcon
ImageList_Read
ImageList_DrawEx
ImageList_Remove
ImageList_Create
ImageList_GetImageRect
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_Draw
ImageList_GetImageCount
ImageList_DragLeave
ImageList_BeginDrag

advapi32

RegOpenKeyA
RegDeleteKeyA
RegEnumValueW
RegEnumValueA
RegLoadKeyA
RegCreateKeyExW
RegCreateKeyW
RegLoadKeyW
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExA
RegQueryInfoKeyW
RegEnumKeyW
RegFlushKey
RegDeleteKeyW
RegReplaceKeyA
RegDeleteValueW
RegEnumKeyExW

user32

GetDlgItem
DrawIconEx
LoadCursorA
AppendMenuA
EndDialog
GetCursor
GetWindowTextA
GetFocus
IsMenu
GetWindowTextLengthA
DrawIcon
GetDC
CopyRect
DrawTextW
CalcMenuBar
CopyImage
AppendMenuW
DrawTextA

kernel32

GetCommandLineA
GlobalAlloc
lstrcmpA
GlobalFree
GetModuleHandleA
GetFileType
WideCharToMultiByte
lstrlenA
GetStringTypeW
SetLastError
GetLastError
DeleteFileA
GetFileSize
GetModuleFileNameA
lstrcpynA
GetLocalTime
GetStdHandle

gdi32

CreateSolidBrush
AddFontResourceA
AbortPath
SetTextColor
AddFontResourceExA
ClearBitmapAttributes
DeleteObject
AddFontMemResourceEx
ExtTextOutA
CloseFigure
GetCurrentPositionEx
CopyMetaFileA
CancelDC
DeleteDC
GetBrushOrgEx
AddFontResourceExW

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a9d46207f96d4fce3621d10a3cc6353

Headers

File Characteristics

Imports

comctl32

advapi32

user32

kernel32

gdi32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 28KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 930B

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 930B