12cb33f8375d05a47025f7ccb5cec640_JaffaCakes118

General

Target

12cb33f8375d05a47025f7ccb5cec640_JaffaCakes118
Size

190KB
MD5

12cb33f8375d05a47025f7ccb5cec640
SHA1

05da147883ca911b293e7dbb18fc7e2fd4e8281e
SHA256

4b5682f69f269cdca91c35eab883d6e51a98d5dad177792462be0bd9d8ef3eaa
SHA512

470da22c43e1806be87a9655578eb2a9b37e215b843e4aa74786178ec1440d138f194c8cf8fe6d6ab3fd4d9926e989413734973d914d2efde141b3c4cc3cfb27
SSDEEP

3072:oPIfXMMdYKEGEJ3Wli6M1XwtygGneVA131BUFjJ24xHYSYggO4vnof3:oQf7aZGliBkytneu13ft8HYBnof3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12cb33f8375d05a47025f7ccb5cec640_JaffaCakes118

Files

12cb33f8375d05a47025f7ccb5cec640_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d645b364c322738f8dbd98d37c374807

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageInfo
ImageList_Destroy
ImageList_GetIconSize
ImageList_Remove
InitCommonControls
ImageList_ReplaceIcon
ImageList_DrawIndirect
ImageList_GetDragImage
ImageList_DrawEx
ImageList_Copy
ImageList_AddIcon
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_GetImageRect

advapi32

RegEnumKeyExA
RegReplaceKeyW
RegLoadKeyA
RegDeleteValueA
RegReplaceKeyA
RegQueryValueW
RegOpenKeyExA
RegCreateKeyExW
RegOpenKeyW
RegDeleteKeyA
RegEnumValueA
RegCreateKeyExA
RegEnumValueW
RegLoadKeyW
RegOpenKeyExW
RegQueryValueExW

kernel32

CloseHandle
HeapFree
Sleep
FreeLibrary
lstrcatA
GetLastError
GetLocalTime
GlobalAlloc
GetFileAttributesA
lstrcpyA
GlobalFree
GetModuleHandleA
WideCharToMultiByte
GetFileSize
GetModuleFileNameA
GetCommandLineA
GetStringTypeA
lstrlenA

user32

DialogBoxParamA
EndDialog
DrawTextA
DrawIcon
AppendMenuA
AlignRects
IsMenu
BlockInput
GetCursor
CopyRect
LoadMenuA
GetWindowTextA
LoadCursorA
CreateIcon
DrawTextW
GetFocus
CloseWindow
GetMenu
DialogBoxParamW
AppendMenuW

Sections

.joUQk
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.QhdThA
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ncnQ
Size: 6KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JOeenF
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.UFSWLq
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d645b364c322738f8dbd98d37c374807

Headers

File Characteristics

Imports

comctl32

advapi32

kernel32

user32

Sections

.joUQk Size: 11KB - Virtual size: 11KB

.QhdThA Size: 56KB - Virtual size: 55KB

.ncnQ Size: 6KB - Virtual size: 121KB

.JOeenF Size: - Virtual size: 2KB

.UFSWLq Size: 2KB - Virtual size: 1KB

.joUQk
Size: 11KB - Virtual size: 11KB

.QhdThA
Size: 56KB - Virtual size: 55KB

.ncnQ
Size: 6KB - Virtual size: 121KB

.JOeenF
Size: - Virtual size: 2KB

.UFSWLq
Size: 2KB - Virtual size: 1KB