e16350bfa66bd2ce476899cec3346770_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e16350bfa66bd2ce476899cec3346770_JaffaCakes118
Size

112KB
MD5

e16350bfa66bd2ce476899cec3346770
SHA1

99f30f8c479559e2a2cfc5c88c7b2e319d0681dd
SHA256

0776867f53bffa30eba146fa5b3c621d383921fc2b5c0431be0a31804e495ba8
SHA512

cbea1149bca90c50cd816d2608dbde79d6771a316ca39b1bf9963f7f4004f6db9a099c03459c97ae6fff640142a51c97ea09a453e9a72bcd791ce3c23fc3bfd5
SSDEEP

1536:jK7voFc2YTvyKDkjObm1bUWzyRYmsCr891gPzAXGcu:u7oFc2cDZbm1b1F2P+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e16350bfa66bd2ce476899cec3346770_JaffaCakes118

Files

e16350bfa66bd2ce476899cec3346770_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f16baf1b010b8e5aaff020d5f55e64a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegReplaceKeyA
RegFlushKey
RegOpenKeyExA
RegEnumKeyA
RegQueryInfoKeyW
RegCreateKeyExA
RegOpenKeyW
RegEnumValueA
RegEnumValueW
RegDeleteKeyW
RegEnumKeyW
RegEnumKeyExA
RegQueryValueExW
RegQueryInfoKeyA
RegDeleteValueW
RegEnumKeyExA
RegCreateKeyW
RegReplaceKeyW
RegQueryValueW
RegDeleteKeyW
RegQueryInfoKeyA
RegOpenKeyA
RegDeleteValueW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueExA
RegQueryValueA
RegEnumValueW
RegQueryInfoKeyW

kernel32

ReadFile
CopyFileExW
FindFirstFileA
GetFileTime
WriteFile
Sleep
GlobalFree
CopyFileA
CopyFileExA
ExitThread
CreateDirectoryA
GetComputerNameA
GetFileSize
DeleteAtom
GetStdHandle

comctl32

ImageList_GetImageCount
ImageList_EndDrag
ImageList_GetImageInfo
ImageList_DragEnter
ImageList_Destroy
ImageList_Merge
ImageList_ReplaceIcon
ImageList_DrawIndirect
ImageList_LoadImageA
ImageList_DrawEx
ImageList_Create
ImageList_Read
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_GetIconSize
InitCommonControls
ImageList_GetImageRect
ImageList_Draw
ImageList_GetDragImage
ImageList_DrawIndirect
ImageList_DragEnter
ImageList_ReplaceIcon
InitCommonControls
ImageList_DragLeave
ImageList_Read
ImageList_DrawEx
ImageList_Destroy
ImageList_LoadImageA
ImageList_GetImageInfo

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f16baf1b010b8e5aaff020d5f55e64a1

Headers

File Characteristics

Imports

advapi32

kernel32

comctl32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 68KB - Virtual size: 65KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 5KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 41KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 68KB - Virtual size: 65KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 5KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 41KB