284d340ca8aa6db1c29587a208c3a4a5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

284d340ca8aa6db1c29587a208c3a4a5_JaffaCakes118
Size

74KB
MD5

284d340ca8aa6db1c29587a208c3a4a5
SHA1

d21db5ab4911bc55c8d3ac4112e66d2e841a70b7
SHA256

5db8e6889085507badce363f5a42e64d0bc2449d89b67208fa4c47c704d8f569
SHA512

0b5b0ea30ebb4ad8953b7451f7c8f706871ccde781ac166cd778441e35470ceee22ca2d767ebdc7a55d7dc8dafc9546f148c77f67dbf0265c66d128e80a7bbfc
SSDEEP

1536:IT4lFO+r2pK/2a7DebUGwH0i1d1FfwaCIH/CbxffW:IqJrEK572eU+d1FoEfCbk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
284d340ca8aa6db1c29587a208c3a4a5_JaffaCakes118

Files

284d340ca8aa6db1c29587a208c3a4a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03de8e10860e17c54e4703ad84baefaf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegEnumKeyA
RegDeleteValueA
RegQueryValueA
RegEnumValueW
RegEnumValueA
RegOpenKeyW
RegQueryValueW
RegDeleteKeyA
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegEnumKeyExA
RegReplaceKeyA
RegCreateKeyExA
RegLoadKeyW
RegCreateKeyW
RegEnumKeyW
RegQueryValueExA
RegGetKeySecurity
RegReplaceKeyW
RegQueryInfoKeyA
RegDeleteValueW
RegQueryInfoKeyW
RegLoadKeyA
RegDeleteKeyW
RegQueryValueExW
RegFlushKey
RegOpenKeyA
RegDeleteKeyW
RegDeleteValueA
RegLoadKeyA
RegCreateKeyExA
RegQueryInfoKeyA
RegQueryValueExW
RegQueryValueW
RegLoadKeyW
RegQueryValueA
RegEnumValueW
RegEnumKeyExA
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExW
RegCreateKeyW
RegEnumKeyExW
RegFlushKey
RegGetKeySecurity
RegOpenKeyA
RegQueryInfoKeyW
RegReplaceKeyA
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyA
RegReplaceKeyW
RegEnumKeyW
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyW

user32

CopyImage
DialogBoxParamW
GetWindowTextLengthA
IsMenu
LoadMenuA
DrawTextW
CreateIcon
GetWindowTextA
DrawIcon
DrawTextA
GetCursor
CopyIcon
IsWindow
DrawIconEx
CloseWindow
EndDialog
AlignRects
GetDC
CopyRect
DialogBoxParamA
InsertMenuA
BlockInput
GetFocus
AppendMenuW
AppendMenuA
GetDlgItem
CalcMenuBar
LoadCursorA
GetMenu

kernel32

GetConsoleCP
GetFileSize
GetConsoleCP
lstrcpynA
GetConsoleCP
GetModuleFileNameA
GetConsoleCP
lstrlenA
GetConsoleCP
lstrcmpA
GetConsoleCP
Sleep
GetConsoleCP
GetStringTypeA
GetConsoleCP
HeapAlloc
GetConsoleCP
ExitProcess
GetConsoleCP

Sections

.tedt
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eaata
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reaoc
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iddaa
Size: 1024B - Virtual size: 639B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03de8e10860e17c54e4703ad84baefaf

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.tedt Size: 18KB - Virtual size: 18KB

.rdata Size: 45KB - Virtual size: 45KB

.eaata Size: 2KB - Virtual size: 29KB

.reaoc Size: 2KB - Virtual size: 3KB

.iddaa Size: 1024B - Virtual size: 639B

.rsrc Size: 1024B - Virtual size: 4KB

.tedt
Size: 18KB - Virtual size: 18KB

.rdata
Size: 45KB - Virtual size: 45KB

.eaata
Size: 2KB - Virtual size: 29KB

.reaoc
Size: 2KB - Virtual size: 3KB

.iddaa
Size: 1024B - Virtual size: 639B

.rsrc
Size: 1024B - Virtual size: 4KB