28f62187dd377318fde19823160d8698_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28f62187dd377318fde19823160d8698_JaffaCakes118
Size

158KB
MD5

28f62187dd377318fde19823160d8698
SHA1

8d0f1679ba9452413ba2cc28c7ecbbe72d57f949
SHA256

1a494a1ffb2ec749ea4431f8a4ca1b71b983d474ffc666ae832260b8f82a2cf2
SHA512

510c1216ee05928d045ba0314a93c0c331463ac97ce2fba57aeafff5d60f889001569835de3e29827ea8098e3ab7dc6ace71222869cbc573321c256eb9e180be
SSDEEP

3072:Zdnkkh3e9h6xjUKmKyaAF6RA4Bxw7AA8itnF:jkk66x3mTF6RA4B67+0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28f62187dd377318fde19823160d8698_JaffaCakes118

Files

28f62187dd377318fde19823160d8698_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31a5a2844f7172ce84b28d8760a3c33c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
CloseHandle
GetLocalTime
CloseHandle
GlobalAlloc
CloseHandle
lstrcpyA
CloseHandle
DeleteFileA
CloseHandle
GetLastError
CloseHandle
GetLastError
CloseHandle
lstrcatA
CloseHandle
lstrcmpA
CloseHandle

advapi32

RegDeleteValueA
RegOpenKeyExW
RegEnumKeyA
RegQueryInfoKeyA
RegLoadKeyA
RegCreateKeyExA
RegQueryValueExW
RegDeleteKeyA
RegGetKeySecurity
RegDeleteKeyW
RegFlushKey
RegOpenKeyExA
RegEnumValueW
RegQueryValueA
RegEnumKeyW
RegQueryValueW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueExA
RegLoadKeyW
RegQueryInfoKeyW
RegOpenKeyA
RegCreateKeyW
RegOpenKeyW
RegReplaceKeyA
RegEnumValueA
RegEnumKeyExA
RegReplaceKeyW
RegGetKeySecurity
RegCreateKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExW
RegReplaceKeyA
RegQueryInfoKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyW
RegLoadKeyW
RegEnumKeyA
RegQueryValueExW
RegOpenKeyExA
RegOpenKeyA
RegEnumValueW
RegQueryValueW
RegCreateKeyW
RegReplaceKeyW
RegOpenKeyW
RegCreateKeyExW
RegEnumKeyExA
RegOpenKeyExW
RegDeleteKeyW
RegEnumValueA
RegLoadKeyA
RegFlushKey
RegQueryValueA

user32

DrawTextW
DrawIcon
DialogBoxParamA
LoadCursorA
InsertMenuA
AlignRects
CloseWindow
IsMenu
CopyImage
CreateIcon
CalcMenuBar
EndDialog
GetWindowTextA
GetWindowTextLengthA
GetDC
BlockInput
GetDlgItem
LoadMenuA
AppendMenuW
CopyRect
GetMenu
IsWindow
GetFocus
DrawTextA
DrawIconEx
CopyIcon
GetCursor
DialogBoxParamW
AppendMenuA

Sections

.t25t
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d7ta
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r08ta
Size: 11KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31a5a2844f7172ce84b28d8760a3c33c

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.t25t Size: 11KB - Virtual size: 10KB

.d7ta Size: 126KB - Virtual size: 125KB

.r08ta Size: 11KB - Virtual size: 156KB

.rsrc Size: 6KB - Virtual size: 5KB

.t25t
Size: 11KB - Virtual size: 10KB

.d7ta
Size: 126KB - Virtual size: 125KB

.r08ta
Size: 11KB - Virtual size: 156KB

.rsrc
Size: 6KB - Virtual size: 5KB