0349f6a479a64210a3ef8c06446399e9_JaffaCakes118

General

Target

0349f6a479a64210a3ef8c06446399e9_JaffaCakes118
Size

93KB
MD5

0349f6a479a64210a3ef8c06446399e9
SHA1

887e0d12934be4e6c4e24365c9222322c5a3dbbc
SHA256

61a6a90a2df6bfd59d5e822f5324e60a84215e87748488f7827d78e1e0c8480e
SHA512

bc2dfe04da44112992981a3ec5754afd1b242119702f1581725d78540a081a522fb42a44edf8bdce50e8d82192107cc904fa51599ddb372f121dd9e241de06d3
SSDEEP

1536:x2c7l8/m12OgsDaDRrmPEdXcg562fAQ6YnboxjlhVxkE:97lqdtsD8rSEW2fYYnUxjlhnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0349f6a479a64210a3ef8c06446399e9_JaffaCakes118

Files

0349f6a479a64210a3ef8c06446399e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5ad2b07cb13ee440dba4846fe3c54db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
lstrcpyA
GetDateFormatA
GetStdHandle
GetModuleFileNameA
DeleteFileA
GetFileAttributesA
GetFileSize
lstrlenA
GetFileType
GetStringTypeW
GetCommandLineA
HeapFree
GetLocalTime
GetModuleHandleA
lstrcatA
GetConsoleCP
HeapFree
GetConsoleCP
lstrcpyA
GetConsoleCP
GetCommandLineA
GetConsoleCP
lstrcpynA
GetConsoleCP
DeleteFileA
GetConsoleCP
WideCharToMultiByte
GetConsoleCP
GetFileType
GetConsoleCP
ExitProcess

advapi32

RegLoadKeyW
RegQueryValueW
RegOpenKeyW
RegDeleteKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegLoadKeyA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegEnumValueW
RegReplaceKeyW
RegEnumKeyW
RegDeleteValueW
RegQueryValueExA
RegEnumKeyExW

user32

InsertMenuA
CopyRect
CopyImage
DrawTextW
GetWindowTextLengthA
DrawIcon
CopyIcon
GetDlgItem
DrawIconEx
DialogBoxParamA
GetWindowTextA
CreateIcon
IsMenu
CalcMenuBar
BlockInput
AppendMenuA
GetDC
AlignRects

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdada
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edada
Size: 512B - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5ad2b07cb13ee440dba4846fe3c54db

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdada Size: 63KB - Virtual size: 63KB

.edada Size: 512B - Virtual size: 111KB

.idata Size: 10KB - Virtual size: 9KB

.text
Size: 15KB - Virtual size: 14KB

.rdada
Size: 63KB - Virtual size: 63KB

.edada
Size: 512B - Virtual size: 111KB

.idata
Size: 10KB - Virtual size: 9KB