2b1001bca649cc97fde06c903bf35f1c_JaffaCakes118

General

Target

2b1001bca649cc97fde06c903bf35f1c_JaffaCakes118
Size

72KB
MD5

2b1001bca649cc97fde06c903bf35f1c
SHA1

5eeaa8d0bc35be420bfe6a69119ad3347b9810b0
SHA256

ea842df1c1fcb6955af174ee6f6d3e00be97f4e203a7914c0240b87dc46ef4b3
SHA512

9a9fce8046658530c228152a2b0536baa0ee98829cd95a474748a258fd25a4295778166180334b4c39da25479a05f40807a64735a1f26a5b07cdceb2e8d824b9
SSDEEP

1536:kWsx4wWNxk4NTSJBM8FnMrb2tAW+XmCog:3sIjk48JBM8yAr+28

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b1001bca649cc97fde06c903bf35f1c_JaffaCakes118

Files

2b1001bca649cc97fde06c903bf35f1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

072be41fc85820b1583f2633b9614863

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
HeapFree
GetConsoleCP
DeleteFileA
GetConsoleCP
GetFileType
GetConsoleCP
ExitProcess
GetConsoleCP
GetFileAttributesA
GetConsoleCP
GetFileSize
GetConsoleCP
GlobalAlloc
GetConsoleCP
GetModuleFileNameA
GetConsoleCP
WideCharToMultiByte
GetConsoleCP
GetCommandLineA
GetModuleFileNameA
HeapAlloc
FreeLibrary
GetDateFormatA
ExitProcess
GetCPInfo
GetStdHandle
GetFileSize
GetFileType
lstrcatA
lstrlenA
GetStringTypeA
GetLastError
Sleep
GetStringTypeW
GlobalAlloc

advapi32

RegReplaceKeyW
RegOpenKeyExW
RegEnumKeyW
RegCreateKeyExW
RegEnumValueA
RegQueryValueA
RegEnumKeyExW
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyW
RegGetKeySecurity
RegReplaceKeyA
RegFlushKey
RegDeleteValueA
RegQueryInfoKeyW
RegEnumKeyA
RegOpenKeyA
RegEnumValueW
RegQueryValueExA

user32

GetWindowTextA
GetDlgItem
BlockInput
GetWindowTextLengthA
DialogBoxParamW
CloseWindow
GetFocus
DrawTextW
CopyImage
CopyRect
GetCursor
AppendMenuW
CalcMenuBar
LoadCursorA
DialogBoxParamA
CreateIcon
DrawIcon
InsertMenuA

Sections

.tdat
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eadta
Size: 1024B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bds
Size: - Virtual size: 292B

IMAGE_SCN_MEM_READ

.rdrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

072be41fc85820b1583f2633b9614863

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.tdat Size: 15KB - Virtual size: 14KB

.rdata Size: 46KB - Virtual size: 45KB

.eadta Size: 1024B - Virtual size: 14KB

.bds Size: - Virtual size: 292B

.rdrc Size: 5KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.tdat
Size: 15KB - Virtual size: 14KB

.rdata
Size: 46KB - Virtual size: 45KB

.eadta
Size: 1024B - Virtual size: 14KB

.bds
Size: - Virtual size: 292B

.rdrc
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB