de96bb05e8da7d4672bd8343e7577d0c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

de96bb05e8da7d4672bd8343e7577d0c_JaffaCakes118
Size

2.1MB
MD5

de96bb05e8da7d4672bd8343e7577d0c
SHA1

21d7290cb994d903a7fe8f994021733c0af8fd58
SHA256

528a0f3ff662f4d62efbcfccdc55bc765a20fba3a3ed591f0a3426023bd64b99
SHA512

2da1251be35442e3d38305ede0d75d4014b92c60ca49199702e0be2246d92bcabb06bfb5af02223289e19bdec70e163b97faf925351ab9a85011c9337860b528
SSDEEP

24576:Iz7xFztXArAErI/TaVn1dVOmP6IaS3PJb7:shtXArDUTaJ1dVOs6l4P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de96bb05e8da7d4672bd8343e7577d0c_JaffaCakes118

Files

de96bb05e8da7d4672bd8343e7577d0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e4d1a1d36b008909f9808e025456c6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursor
InsertMenuA
EndDialog
IsWindow
GetWindowTextLengthA
DrawIconEx
DialogBoxParamA
CopyRect
AppendMenuW
DialogBoxParamW
DrawTextW
GetDlgItem
IsMenu
CloseWindow
LoadCursorA
CalcMenuBar
CopyIcon
GetWindowTextA
GetMenu
CreateIcon
DrawIcon
GetFocus

advapi32

RegQueryValueA
RegLoadKeyW
RegEnumKeyExW
RegDeleteValueA
RegQueryInfoKeyW
RegOpenKeyA
RegQueryValueW
RegDeleteKeyW
RegQueryValueExA
RegDeleteValueW
RegDeleteKeyA
RegCreateKeyExA
RegGetKeySecurity
RegCreateKeyW
RegLoadKeyA

comctl32

ImageList_Merge
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_DrawEx
ImageList_DragMove
ImageList_Create
ImageList_DrawIndirect
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_GetImageCount
ImageList_DragLeave
ImageList_AddMasked
ImageList_AddIcon
ImageList_Read
ImageList_LoadImage
ImageList_LoadImageA
ImageList_Remove
ImageList_Copy
ImageList_GetIconSize

kernel32

CopyFileExA
Sleep
GetConsoleMode
DeleteFileA
ReadConsoleW
GetFileTime
GetLastError
ReadFile
CopyFileW
ReadConsoleA
GetCommandLineA
DeleteAtom
OpenFile
CreateDirectoryA
ExitThread
GetCPInfo
WriteFile
CreateThread
GetComputerNameA

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e4d1a1d36b008909f9808e025456c6c

Headers

File Characteristics

Imports

user32

advapi32

comctl32

kernel32

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 8KB - Virtual size: 5KB

.edata Size: 4KB - Virtual size: 1KB

.data Size: 1.9MB - Virtual size: 5.9MB

.tls Size: 4KB - Virtual size: 196B

.rdata Size: 4KB - Virtual size: 536B

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 8KB - Virtual size: 5KB

.edata
Size: 4KB - Virtual size: 1KB

.data
Size: 1.9MB - Virtual size: 5.9MB

.tls
Size: 4KB - Virtual size: 196B

.rdata
Size: 4KB - Virtual size: 536B

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 11KB