01d6b29297c6cb64447e923f0beefa62_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01d6b29297c6cb64447e923f0beefa62_JaffaCakes118
Size

168KB
MD5

01d6b29297c6cb64447e923f0beefa62
SHA1

2167f71d5a5ccf8314610a40f60bcf3606005359
SHA256

822e7549cd5c1a4608b203dfe727878a77f4f2fdbe3fdb3854a391f31b43ceff
SHA512

382f3f6085415b7281c059f684b4c0e5d4e82b4da3905e0b501e805d579818bcc4c78b61c752b969f31cfc204afdb2ac7ef3ede92d2565b51bd6eda66a52ecd8
SSDEEP

3072:EjamqRpj+BpX9GyJyO/4q4FBOg+3L9ob9Euuw/O9RFm0DXg:EiLj+BpNhz/4qFz3LGbWSET/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01d6b29297c6cb64447e923f0beefa62_JaffaCakes118

Files

01d6b29297c6cb64447e923f0beefa62_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1dde474fb6ff3ba11723d4acf2655d99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegReplaceKeyW
RegLoadKeyW
RegOpenKeyExW
RegOpenKeyA
RegQueryValueW
RegDeleteValueW
RegGetKeySecurity
RegQueryInfoKeyW
RegQueryInfoKeyA
RegQueryValueExW
RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegEnumKeyExW
RegEnumKeyW
RegDeleteValueA
RegFlushKey
RegLoadKeyA
RegCreateKeyExA
RegDeleteKeyA
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyW
RegEnumValueA
RegReplaceKeyA
RegEnumValueW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyA
RegGetKeySecurity
RegQueryInfoKeyW
RegEnumValueA
RegLoadKeyW
RegQueryValueExW
RegReplaceKeyA
RegFlushKey
RegQueryValueW
RegCreateKeyW
RegQueryValueA
RegEnumKeyExA
RegReplaceKeyW
RegEnumKeyW
RegLoadKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegEnumValueW
RegCreateKeyExA
RegDeleteValueA
RegDeleteValueW
RegQueryInfoKeyA
RegOpenKeyW
RegOpenKeyExA
RegDeleteKeyW
RegEnumKeyExW

kernel32

CloseHandle
GetLastError
CloseHandle
FreeLibrary
CloseHandle
DeleteFileA
CloseHandle
HeapAlloc
CloseHandle
GetCPInfo
CloseHandle
GetStringTypeW
CloseHandle
ExitProcess
CloseHandle
GetFileAttributesA
CloseHandle
GetLocalTime

user32

GetFocus
CopyRect
CopyIcon
CreateIcon
GetWindowTextA
AlignRects
InsertMenuA
DialogBoxParamA
CalcMenuBar
DialogBoxParamW
CopyImage
GetDlgItem
AppendMenuW
GetMenu
EndDialog
LoadMenuA
GetWindowTextLengthA
DrawIcon
GetCursor
DrawTextW
BlockInput
IsMenu
DrawTextA
AppendMenuA
LoadCursorA
IsWindow
GetDC
DrawIconEx
CloseWindow

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rddta
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eddaa
Size: 3KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reddc
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dde474fb6ff3ba11723d4acf2655d99

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 10KB - Virtual size: 10KB

.rddta Size: 143KB - Virtual size: 142KB

.eddaa Size: 3KB - Virtual size: 42KB

.reddc Size: 6KB - Virtual size: 7KB

.idata Size: 1024B - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.rddta
Size: 143KB - Virtual size: 142KB

.eddaa
Size: 3KB - Virtual size: 42KB

.reddc
Size: 6KB - Virtual size: 7KB

.idata
Size: 1024B - Virtual size: 1KB