075884a681463db679881f76e3b52ee8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

075884a681463db679881f76e3b52ee8_JaffaCakes118
Size

140KB
MD5

075884a681463db679881f76e3b52ee8
SHA1

81b687a3d3bb645c1e89b2134be5c05cf1a10c45
SHA256

d2a3bedd998dbf366812a235f190a23bd4b4134e6a4d7d5c345d998e88557136
SHA512

c8c492742133e174c777406be35200b34de3b7bd4584bab560c139fc51f5dc58736434276029566db42f6a150194bedee35d5beaea8b2d111eeec5f679f9caca
SSDEEP

3072:HY72yqT5LVt54/QdHEHSt74wmBTqUWGd+kt9IzNLk:HY7XqNP5OQdHEytGBTrWGezNLk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
075884a681463db679881f76e3b52ee8_JaffaCakes118

Files

075884a681463db679881f76e3b52ee8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10893754d163e6c846777a283a8657a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetOEMCP
GetCurrentThread
CreateThread
GetFileSize
FindFirstFileA
CopyFileW
ExitProcess
Sleep
GetLastError
ExitThread
GetFileTime
GetCommandLineA
GetCurrentProcess
CreateProcessA
GetUserDefaultLangID
GetConsoleMode
Sleep
GetFileTime
GetConsoleOutputCP
GetCurrentThreadId
GetCommandLineA
GetOEMCP
GetUserDefaultLangID
CopyFileW
DeleteAtom
GetCurrentProcessId
FindAtomA
GetStdHandle
CreateThread
GetLastError
DeleteFileA
FindFirstFileA
OpenFile
FindFirstFileA
GetConsoleMode
CreateProcessA
GetOEMCP
GlobalFree
GetConsoleOutputCP
DeleteFileA
GetCurrentProcessId
GetUserDefaultLangID
ExitProcess
GetCurrentThread
GetLastError
GetComputerNameA
GetCPInfo
CreateDirectoryA
FindAtomA
GetCurrentThread
CreateDirectoryA
DeleteFileA
GetStdHandle
DeleteFileW
FindFirstFileA
GetCurrentProcessId
GetUserDefaultLangID
GetLastError
GetComputerNameA
DeleteAtom
GetConsoleMode
GetCurrentProcess
ExitThread
CreateDirectoryA
FindFirstFileA
Sleep
GetCurrentProcessId
GetConsoleOutputCP
GetConsoleMode
OpenFile
GetCurrentThreadId
GetFileSize
DeleteAtom
GetCurrentProcess
GetCommandLineA
DeleteFileA
DeleteAtom
CreateProcessA
GetStdHandle
GetCurrentProcessId
GetConsoleMode
ExitProcess
GetFileTime
GetComputerNameA
GetCurrentThread
GetCurrentThreadId
GetCPInfo
GetUserDefaultLangID
ExitThread
GetFileSize
GlobalFree
GetCurrentThreadId
DeleteFileW
GetConsoleOutputCP
CreateThread
GlobalFree
FindAtomA
FindFirstFileA
GetFileTime
GetStdHandle
CreateDirectoryA
OpenFile
CreateProcessA
GetCurrentProcessId
GetLastError
GetCPInfo
CopyFileW
DeleteAtom
GetConsoleMode

user32

InsertMenuA
EndDialog
GetFocus
DrawTextW
CloseWindow
GetDC
AppendMenuW
BlockInput
CalcMenuBar
GetDlgItem
CreateIcon
DrawIcon
GetWindowTextA
GetCursor
LoadMenuA
CopyRect
GetWindowTextLengthA
CalcMenuBar
GetWindowTextLengthA
GetWindowTextA
DrawIconEx
CopyIcon
DrawTextA
AppendMenuW
CopyImage
IsWindow
GetCursor
AlignRects
LoadMenuA
GetFocus
CalcMenuBar
AppendMenuW
GetDC
DrawTextA
CopyImage
GetCursor
AppendMenuA
DrawTextW
LoadMenuA
IsMenu
GetWindowTextLengthA
CloseWindow
GetWindowTextA
LoadCursorA
DrawIcon

advapi32

RegEnumKeyExW
RegQueryValueW
RegDeleteValueA
RegCreateKeyExW
RegCreateKeyExA
RegDeleteValueW
RegOpenKeyA
RegReplaceKeyA
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW

Sections

.itext
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 102KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10893754d163e6c846777a283a8657a0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: 26KB - Virtual size: 26KB

.edata Size: 4KB - Virtual size: 3KB

.bss Size: 102KB - Virtual size: 366KB

.idata Size: 6KB - Virtual size: 5KB

.itext
Size: 26KB - Virtual size: 26KB

.edata
Size: 4KB - Virtual size: 3KB

.bss
Size: 102KB - Virtual size: 366KB

.idata
Size: 6KB - Virtual size: 5KB