10452f25c2c96498002fd8c63e4f2912_JaffaCakes118

General

Target

10452f25c2c96498002fd8c63e4f2912_JaffaCakes118
Size

74KB
MD5

10452f25c2c96498002fd8c63e4f2912
SHA1

5f1d31588f780ba073233e7c22fe3dcb8c700d0c
SHA256

ed6315ff708a504295ad9edf3afcf3e02ec1ca968645e783c50c0a64ebac53be
SHA512

d4a0f84e0901783adcee63af4b7f5ac56f10a43b4b5d24ebb82ff723d2592da87fde504e99dbcdcaeb45ae4ad1e506712dee270a1b5665f60ed670a3ecad2a8d
SSDEEP

1536:isqi7vxdUJa3gTt8zto5HhC4rHYgcde0qaDO:LZpdJ3gTt8hoXx4gRVaDO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10452f25c2c96498002fd8c63e4f2912_JaffaCakes118

Files

10452f25c2c96498002fd8c63e4f2912_JaffaCakes118
.exe windows:4 windows x86 arch:x86

492d05d31c9fa0021a9fbc016f801177

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
RegEnumValueW
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueA
RegCreateKeyExA
RegReplaceKeyA
RegQueryInfoKeyW
RegQueryValueExA
RegDeleteKeyW
RegDeleteValueA
RegGetKeySecurity
RegCreateKeyW
RegQueryValueExW
RegQueryValueW
RegDeleteKeyA
RegOpenKeyW
RegEnumKeyW

user32

GetDC
CopyIcon
AppendMenuW
CopyRect
CalcMenuBar
DrawIcon
DrawTextW
CopyImage
LoadCursorA
LoadMenuA
CreateIcon
InsertMenuA
AlignRects
GetMenu
GetDlgItem
DialogBoxParamA
GetWindowTextLengthA
IsMenu
DrawIconEx
CloseWindow
DialogBoxParamW

kernel32

GetACP
DeleteFileA
GetACP
GetCommandLineA
GetACP
GetFileAttributesA
GetACP
GetFileType
GetACP
GetStringTypeW
GetACP
lstrcpynA
GetACP
lstrcmpA
GetACP
GetModuleFileNameA
WideCharToMultiByte
GlobalFree
GetFileAttributesA
GetCommandLineA
FreeLibrary
lstrcpyA
GetCPInfo
GetLastError
GetModuleFileNameA
lstrcatA
GetFileType
DeleteFileA
ExitProcess
lstrcpynA
GetModuleHandleA
HeapAlloc
WideCharToMultiByte
GetLocalTime
GetModuleFileNameA
GetStringTypeW
GetFileSize
lstrcpynA
GetStdHandle
GetFileType
GetLastError
GetCPInfo
lstrlenA
lstrcatA
GetConsoleCP
lstrcmpA
ExitProcess
FreeLibrary
GetStringTypeA
lstrcmpiA
GetCommandLineA

Sections

.teat
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rddta
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eaata
Size: 2KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idada
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

492d05d31c9fa0021a9fbc016f801177

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.teat Size: 15KB - Virtual size: 14KB

.rddta Size: 46KB - Virtual size: 46KB

.eaata Size: 2KB - Virtual size: 58KB

.idada Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 4KB

.teat
Size: 15KB - Virtual size: 14KB

.rddta
Size: 46KB - Virtual size: 46KB

.eaata
Size: 2KB - Virtual size: 58KB

.idada
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 4KB