dd13080df52f52a9abedd7608a3770ae_JaffaCakes118

General

Target

dd13080df52f52a9abedd7608a3770ae_JaffaCakes118
Size

47KB
MD5

dd13080df52f52a9abedd7608a3770ae
SHA1

6663843870029fe22e45b1c3d38dd7186556a870
SHA256

0e7da05ae6ba9f72b2fc4d00d7a721c4f31d4c225c77244412d5297e8db1c867
SHA512

519badacc508f072770c35f98c52fd6bb7e91ded847e6280c72676dea5678ac939b5bc82e723a87ea0297932217711e637d6cba0f8ab6ec4bde2629454e2ca44
SSDEEP

768:kMShjWKImJdi8DWW13cpFXl9uASs7p0jKm40R9m+Av:kMSDJw8PMpvcA70emNR9BA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd13080df52f52a9abedd7608a3770ae_JaffaCakes118

Files

dd13080df52f52a9abedd7608a3770ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5fd50256e5264e8770275b6c0a48cbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetDragImage
ImageList_LoadImage
InitCommonControls
ImageList_DrawIndirect
ImageList_LoadImageW
ImageList_GetIcon
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_Read
ImageList_DragShowNolock
ImageList_LoadImageA
ImageList_DrawEx
ImageList_GetImageRect
ImageList_Destroy
ImageList_DragEnter
ImageList_GetImageInfo
ImageList_DragLeave
ImageList_AddMasked
ImageList_GetIconSize

advapi32

RegQueryValueA
RegQueryValueW
RegDeleteKeyW
RegEnumValueA
RegQueryValueExW
RegReplaceKeyA
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyA
RegCreateKeyW
RegCreateKeyExW
RegQueryValueExA
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyA
RegOpenKeyExW
RegEnumKeyW

user32

GetWindowTextA
DrawTextW
LoadMenuA
CopyImage
GetFocus
LoadCursorA
InsertMenuA
GetDC
AppendMenuA
DrawTextA
IsWindow
AppendMenuW
CloseWindow
GetMenu
CopyIcon
GetWindowTextLengthA
GetDlgItem

kernel32

GetLastError
FreeLibrary
GetLastError
GetStdHandle
GetLastError
GetFileType
GetLastError
lstrcatA
GetLastError
GetLocalTime
GetLastError
ExitProcess
GetLastError
GetCommandLineA
GetLastError
lstrcpyA
GetLastError

Sections

.t72t
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.da0a
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rda8a
Size: 1KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rs9c
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5fd50256e5264e8770275b6c0a48cbb

Headers

File Characteristics

Imports

comctl32

advapi32

user32

kernel32

Sections

.t72t Size: 10KB - Virtual size: 10KB

.da0a Size: 28KB - Virtual size: 28KB

.rda8a Size: 1KB - Virtual size: 27KB

.rs9c Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 4KB

.t72t
Size: 10KB - Virtual size: 10KB

.da0a
Size: 28KB - Virtual size: 28KB

.rda8a
Size: 1KB - Virtual size: 27KB

.rs9c
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 4KB