09feb0077822aecf5f00ac095f7c04fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09feb0077822aecf5f00ac095f7c04fe_JaffaCakes118
Size

88KB
MD5

09feb0077822aecf5f00ac095f7c04fe
SHA1

f0d4d5b4a2c674858fcb40fdd212ecf2d3cd083d
SHA256

0a162c93d04dcff454c3b53f6654627d539969b11195eb5a3ab3b13096506243
SHA512

698349d82776446a26eb023f5895840e58501244ac1bd41a423d36f5cb70b96f490ff36eb1c3370d28ae4ccbc9f6348f5a28292213d4f21f940fa9385b2ba365
SSDEEP

1536:X2QeDVX52JScCRtJ+C2YsWtywSPcBkj/tI8S+80dASWCVd/1qGT:Xa1UScCXcCu2gSmA7CtPT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09feb0077822aecf5f00ac095f7c04fe_JaffaCakes118

Files

09feb0077822aecf5f00ac095f7c04fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0cea7236f5a060220092c4b13032768c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AddFontResourceA
AddFontMemResourceEx
AbortPath
ExcludeClipRect
BeginPath
CloseFigure
CreateSolidBrush
GetClipBox
DeleteDC
GetBitmapBits
ClearBitmapAttributes
GetPixel
CloseMetaFile
DeleteObject
ClearBrushAttributes
GetPixel
CopyMetaFileA
GetBrushOrgEx
AddFontResourceW

advapi32

RegQueryValueExA
RegReplaceKeyW
RegReplaceKeyA
RegOpenKeyA
RegQueryValueExW
RegCreateKeyExA
RegEnumKeyExW
RegDeleteKeyA
RegLoadKeyA
RegEnumKeyA
RegQueryValueW
RegFlushKey
RegQueryInfoKeyW
RegEnumValueW
RegCreateKeyW
RegOpenKeyExA
RegDeleteKeyW
RegQueryInfoKeyA
RegQueryValueA

user32

GetDC
GetMenu
IsWindow
GetDlgItem
CloseWindow
GetCursor
IsMenu
DialogBoxParamA
GetWindowTextA
DrawTextW
CopyRect
DrawIconEx
LoadCursorA
CreateIcon
DrawTextA
CopyIcon
AlignRects
DrawIcon
CalcMenuBar
AppendMenuW

kernel32

GlobalAlloc
lstrcatA
Sleep
WideCharToMultiByte
SetLastError
lstrcpyA
HeapAlloc
GetCommandLineA
lstrcmpiA
lstrlenA
GetLocalTime
GetFileSize
GetStdHandle
lstrcmpA
GetModuleFileNameA
lstrcpynA
GetModuleHandleA
GlobalFree
GetLastError
GetFileType

comctl32

ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_DrawIndirect
ImageList_LoadImage
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_DragMove
ImageList_DragLeave
ImageList_Create
ImageList_Replace
ImageList_Copy
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_LoadImageA
ImageList_GetDragImage
ImageList_AddIcon
ImageList_Remove
ImageList_AddMasked

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cea7236f5a060220092c4b13032768c

Headers

File Characteristics

Imports

gdi32

advapi32

user32

kernel32

comctl32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 68KB - Virtual size: 64KB

.rdata Size: 4KB - Virtual size: 92KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 68KB - Virtual size: 64KB

.rdata
Size: 4KB - Virtual size: 92KB

.rsrc
Size: 4KB - Virtual size: 1KB