f580a2c79ff78b677e43235b39992e63_JaffaCakes118

General

Target

f580a2c79ff78b677e43235b39992e63_JaffaCakes118
Size

35KB
MD5

f580a2c79ff78b677e43235b39992e63
SHA1

d320b920875f036738a343df2e2e4e5752b4f68c
SHA256

1017cd890e9ca5a30bde2e06812ddeaf3e4164f77dfcf0fbcf9d0a3e6da30214
SHA512

f3f1ce10d81a088acd468384261778992f916aec8fc2966e0d8e8995e8a640e0142b9cf906c5a999cb4790d5e6ab1e07d4cf47ed5280b9e876ce6ddb7f11aa81
SSDEEP

384:dNUYChMRkEQcmEMzOx//AlSPe0cHeL6wGP0OnNYKKp4OC6+3E/MDPjc:dNiE3QsMzOx3AIqFMAYKA+s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f580a2c79ff78b677e43235b39992e63_JaffaCakes118

Files

f580a2c79ff78b677e43235b39992e63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae226b92c19281f784f9d20278e96e64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExW
GetCommandLineA
GetLastError
FindAtomA
OpenFileMappingA
GlobalFree
OpenFile
CreateThread
ReadFile
CreateProcessA
CopyFileW
DeleteAtom
WriteFile
CopyFileA
GetComputerNameA
CreateDirectoryA
FindFirstFileA

advapi32

RegOpenKeyExW
RegQueryInfoKeyA
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegCreateKeyExA
RegQueryValueW
RegOpenKeyW
RegGetKeySecurity
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExW
RegEnumKeyA
RegReplaceKeyA
RegCreateKeyW
RegReplaceKeyW
RegEnumValueW

user32

DialogBoxParamA
DrawTextA
GetWindowTextLengthA
CalcMenuBar
IsMenu
AppendMenuA
GetMenu
DrawTextW
LoadMenuA
CopyImage
GetFocus
InsertMenuA
LoadCursorA
DrawIcon
CopyIcon
CreateIcon
DrawIconEx
CloseWindow
GetWindowTextA
AlignRects

comctl32

ImageList_DrawEx
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_Replace
ImageList_Destroy
ImageList_GetIcon
ImageList_AddIcon
ImageList_GetImageRect
ImageList_GetImageCount
ImageList_DragLeave
ImageList_GetIconSize
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_LoadImage
ImageList_GetDragImage
ImageList_Create
ImageList_DragShowNolock

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 425B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae226b92c19281f784f9d20278e96e64

Headers

File Characteristics

Imports

kernel32

advapi32

user32

comctl32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 27KB - Virtual size: 57KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: - Virtual size: 425B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 27KB - Virtual size: 57KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: - Virtual size: 425B