17a9e73be93e1b3e12bec7031e1e9ce5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17a9e73be93e1b3e12bec7031e1e9ce5_JaffaCakes118
Size

121KB
MD5

17a9e73be93e1b3e12bec7031e1e9ce5
SHA1

a2826fdc73aa8721fe5fa9fdf727bb4992bf32f5
SHA256

12d80c668bc1a75c5bdff4cd0d01fffa11b5f8ec78a638cc01e8dbba1a93cebb
SHA512

f72eac83d1e87f6e6c3b294c7512b7068174617e7f36960ebc120fbb201a64f77cd494ea275558ec2dca93d43c0061e73698d47e813050ad1fb3a184305f9682
SSDEEP

3072:Sexn19i7/bWURuPgaVSpGguINECtFUG6:L9ObWURuYbx1Xt2G6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17a9e73be93e1b3e12bec7031e1e9ce5_JaffaCakes118

Files

17a9e73be93e1b3e12bec7031e1e9ce5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab8011891cd3f73ff55761f08e0c21d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_BeginDrag
ImageList_Copy
ImageList_DrawIndirect
ImageList_AddMasked
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_GetIcon
ImageList_DrawEx
ImageList_Draw
ImageList_GetIconSize
ImageList_AddIcon
ImageList_DragMove
ImageList_EndDrag
ImageList_Remove
ImageList_Merge
ImageList_LoadImage
ImageList_ReplaceIcon
ImageList_GetDragImage

user32

GetFocus
DrawTextA
AlignRects
GetDlgItem
DialogBoxParamA
AppendMenuW
DrawIcon
CloseWindow
CopyIcon
BlockInput
AppendMenuA
GetWindowTextLengthA
EndDialog
LoadCursorA
DrawIconEx
GetWindowTextA
DrawTextW
GetDC
LoadMenuA
DrawTextA
EndDialog
AlignRects
GetDlgItem
CloseWindow
CreateIcon
GetWindowTextLengthA
DialogBoxParamA
CopyImage
IsMenu
GetFocus
GetDC
GetCursor
DrawIcon
CalcMenuBar
BlockInput
IsWindow
CopyIcon

kernel32

Sleep
GetFileType
FreeLibrary
lstrcpyA
GetCPInfo
GetStringTypeA
lstrcatA
GetLastError
CloseHandle
WideCharToMultiByte
GetModuleFileNameA
lstrcpynA
HeapFree
GetDateFormatA
GetStdHandle
GetLocalTime

advapi32

RegQueryInfoKeyA
RegEnumKeyW
RegReplaceKeyA
RegEnumKeyExA
RegGetKeySecurity
RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExW
RegFlushKey
RegDeleteKeyW
RegLoadKeyW
RegReplaceKeyW
RegCreateKeyW
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegQueryInfoKeyW

Sections

.ugmB
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sehPFU
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HaywLK
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FgfFj
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.MstA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab8011891cd3f73ff55761f08e0c21d0

Headers

File Characteristics

Imports

comctl32

user32

kernel32

advapi32

Sections

.ugmB Size: 6KB - Virtual size: 6KB

.sehPFU Size: 103KB - Virtual size: 103KB

.HaywLK Size: 4KB - Virtual size: 32KB

.FgfFj Size: - Virtual size: 2KB

.MstA Size: 3KB - Virtual size: 2KB

.ugmB
Size: 6KB - Virtual size: 6KB

.sehPFU
Size: 103KB - Virtual size: 103KB

.HaywLK
Size: 4KB - Virtual size: 32KB

.FgfFj
Size: - Virtual size: 2KB

.MstA
Size: 3KB - Virtual size: 2KB