0c938b707db99f2e9c96470bf2450b56_JaffaCakes118

General

Target

0c938b707db99f2e9c96470bf2450b56_JaffaCakes118
Size

147KB
MD5

0c938b707db99f2e9c96470bf2450b56
SHA1

2317b2baba05e201d0b66d63b54624d469b90c1a
SHA256

da7d7e90bb71f55a0b505157c30b8cb1e6ed79422072797bc4593918646b4608
SHA512

ad7f4193d25297f03e585e913193d64e08a70429e7c409a5376e278367ece06cc62edc2e0e905eeb1417d6106bc224725c3812989a02e88a13dcb88aac2f6bbd
SSDEEP

3072:KfPlDISeFJuHN7fAy/SZXa/eu4zo+TtCmccXO/YN:KGSay4XuDx+6cXO/Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c938b707db99f2e9c96470bf2450b56_JaffaCakes118

Files

0c938b707db99f2e9c96470bf2450b56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0abfd0b4876e82a18660834f9138d64d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegDeleteValueW
RegDeleteKeyW
RegReplaceKeyA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegLoadKeyA
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegReplaceKeyW
RegFlushKey
RegCreateKeyExA
RegLoadKeyW
RegEnumKeyA
RegEnumKeyExA

kernel32

GetConsoleCP
GetCPInfo
GetConsoleCP
FreeLibrary
GetConsoleCP
GetModuleFileNameA
GetConsoleCP
lstrcmpiA
GetConsoleCP
HeapFree
GetConsoleCP
ExitProcess
GetConsoleCP
GetLastError
GetConsoleCP
GetDateFormatA
GetConsoleCP
WideCharToMultiByte
GetConsoleCP
lstrcmpiA
GetFileType
GetStringTypeA
lstrcpyA
GetModuleFileNameA
GetDateFormatA
GetStringTypeW
WideCharToMultiByte
lstrcpynA
Sleep
lstrlenA
DeleteFileA
ExitProcess
GetStdHandle
GetCommandLineA
lstrcmpA
GetModuleHandleA

user32

GetFocus
EndDialog
CloseWindow
DrawIcon
CreateIcon
AppendMenuW
DialogBoxParamA
AlignRects
AppendMenuA
GetDC
GetDlgItem
CopyImage
CopyRect
LoadMenuA
LoadCursorA
IsMenu
CalcMenuBar
IsWindow
BlockInput

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.raata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edada
Size: 9KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ

.rarc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0abfd0b4876e82a18660834f9138d64d

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 23KB - Virtual size: 22KB

.raata Size: 104KB - Virtual size: 103KB

.edada Size: 9KB - Virtual size: 151KB

.bss Size: - Virtual size: 1KB

.rarc Size: 7KB - Virtual size: 6KB

.text
Size: 23KB - Virtual size: 22KB

.raata
Size: 104KB - Virtual size: 103KB

.edada
Size: 9KB - Virtual size: 151KB

.bss
Size: - Virtual size: 1KB

.rarc
Size: 7KB - Virtual size: 6KB