0e28ca497bdd421facc4452cf146aa76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e28ca497bdd421facc4452cf146aa76_JaffaCakes118
Size

74KB
MD5

0e28ca497bdd421facc4452cf146aa76
SHA1

ba12096eb00e86f3fe3f5a44d6a8acebd0f292f5
SHA256

05b4959309251f49a3ab3ddf42490a60a3eddbd045695ad7ba1719d5cd622fac
SHA512

d3c348178991770aaaab8749487ed046451660660832564a14e8f5eda41e472afbfda089d41d8f763e0698c01b5508bb11a37d5c2328e7f471df135f06606fa4
SSDEEP

1536:IT4lFO+r2pK/2a7DebUGwH0i1d1FfwaCIH/Cbxff6:IqJrEK572eU+d1FoEfCbo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e28ca497bdd421facc4452cf146aa76_JaffaCakes118

Files

0e28ca497bdd421facc4452cf146aa76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03de8e10860e17c54e4703ad84baefaf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegEnumKeyA
RegDeleteValueA
RegQueryValueA
RegEnumValueW
RegEnumValueA
RegOpenKeyW
RegQueryValueW
RegDeleteKeyA
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegEnumKeyExA
RegReplaceKeyA
RegCreateKeyExA
RegLoadKeyW
RegCreateKeyW
RegEnumKeyW
RegQueryValueExA
RegGetKeySecurity
RegReplaceKeyW
RegQueryInfoKeyA
RegDeleteValueW
RegQueryInfoKeyW
RegLoadKeyA
RegDeleteKeyW
RegQueryValueExW
RegFlushKey
RegOpenKeyA
RegDeleteKeyW
RegDeleteValueA
RegLoadKeyA
RegCreateKeyExA
RegQueryInfoKeyA
RegQueryValueExW
RegQueryValueW
RegLoadKeyW
RegQueryValueA
RegEnumValueW
RegEnumKeyExA
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExW
RegCreateKeyW
RegEnumKeyExW
RegFlushKey
RegGetKeySecurity
RegOpenKeyA
RegQueryInfoKeyW
RegReplaceKeyA
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyA
RegReplaceKeyW
RegEnumKeyW
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyW

user32

CopyImage
DialogBoxParamW
GetWindowTextLengthA
IsMenu
LoadMenuA
DrawTextW
CreateIcon
GetWindowTextA
DrawIcon
DrawTextA
GetCursor
CopyIcon
IsWindow
DrawIconEx
CloseWindow
EndDialog
AlignRects
GetDC
CopyRect
DialogBoxParamA
InsertMenuA
BlockInput
GetFocus
AppendMenuW
AppendMenuA
GetDlgItem
CalcMenuBar
LoadCursorA
GetMenu

kernel32

GetConsoleCP
GetFileSize
GetConsoleCP
lstrcpynA
GetConsoleCP
GetModuleFileNameA
GetConsoleCP
lstrlenA
GetConsoleCP
lstrcmpA
GetConsoleCP
Sleep
GetConsoleCP
GetStringTypeA
GetConsoleCP
HeapAlloc
GetConsoleCP
ExitProcess
GetConsoleCP

Sections

.tedt
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eaata
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reaoc
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iddaa
Size: 1024B - Virtual size: 639B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03de8e10860e17c54e4703ad84baefaf

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.tedt Size: 18KB - Virtual size: 18KB

.rdata Size: 45KB - Virtual size: 45KB

.eaata Size: 2KB - Virtual size: 29KB

.reaoc Size: 2KB - Virtual size: 3KB

.iddaa Size: 1024B - Virtual size: 639B

.rsrc Size: 1024B - Virtual size: 4KB

.tedt
Size: 18KB - Virtual size: 18KB

.rdata
Size: 45KB - Virtual size: 45KB

.eaata
Size: 2KB - Virtual size: 29KB

.reaoc
Size: 2KB - Virtual size: 3KB

.iddaa
Size: 1024B - Virtual size: 639B

.rsrc
Size: 1024B - Virtual size: 4KB