2b76b719926666c82579fce92ee4978d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b76b719926666c82579fce92ee4978d_JaffaCakes118
Size

72KB
MD5

2b76b719926666c82579fce92ee4978d
SHA1

f0e981996d70cb13afa9819e27075377a6686464
SHA256

1a2a42606f3b50a3f2234d0c23b39b79197db9c1b40de084c5d13293a327bfee
SHA512

181f492eedfdd0586e497902297b8712d52ca9fb9bca0bb5b23e12ee51c4bfb2780fb63e6ada3c45b222d90d0c785e9ed8d75c88eb5e317605163c0f81653efa
SSDEEP

1536:Fhv3MZWtPZrejbLWM39qGFr0dmi2E8VTRoy:FhaWtPZSf9oGWdPwR1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b76b719926666c82579fce92ee4978d_JaffaCakes118

Files

2b76b719926666c82579fce92ee4978d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b5019d5e3dd81614f38c20dc5bfb945

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegOpenKeyExA
RegQueryInfoKeyW
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExW
RegDeleteValueA
RegEnumKeyExW
RegReplaceKeyW
RegQueryValueExW
RegLoadKeyW
RegCreateKeyExA
RegOpenKeyA
RegReplaceKeyA
RegDeleteKeyW
RegLoadKeyA
RegQueryValueA
RegEnumValueW
RegEnumValueA
RegEnumKeyExA
RegFlushKey
RegCreateKeyExW
RegGetKeySecurity
RegQueryValueW
RegCreateKeyW
RegQueryInfoKeyA
RegEnumKeyA
RegOpenKeyW
RegEnumKeyW
RegGetKeySecurity
RegFlushKey
RegQueryValueA
RegEnumKeyExW
RegOpenKeyA
RegOpenKeyExW
RegEnumValueA
RegDeleteKeyA
RegQueryValueW
RegEnumValueW
RegOpenKeyExA
RegReplaceKeyA
RegEnumKeyW
RegQueryInfoKeyW
RegEnumKeyA
RegOpenKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegLoadKeyW
RegEnumKeyExA
RegReplaceKeyW
RegQueryValueExA
RegLoadKeyA
RegDeleteValueW
RegDeleteValueA
RegQueryValueExW
RegQueryInfoKeyA
RegDeleteKeyW

kernel32

CloseHandle
HeapFree
CloseHandle
GetModuleHandleA
CloseHandle
lstrcpyA
CloseHandle
DeleteFileA
CloseHandle
GetCommandLineA
CloseHandle
lstrlenA
CloseHandle
lstrcmpiA
CloseHandle
lstrcpynA
CloseHandle

user32

GetFocus
GetDlgItem
CreateIcon
DrawTextW
IsMenu
CopyImage
AppendMenuW
GetWindowTextLengthA
CloseWindow
BlockInput
LoadMenuA
GetDC
GetMenu
DrawIcon
CalcMenuBar
DialogBoxParamW
IsWindow
CopyRect
DrawTextA
InsertMenuA
CopyIcon
EndDialog
DialogBoxParamA
LoadCursorA
GetWindowTextA
AlignRects
AppendMenuA
DrawIconEx
GetCursor

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rddta
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eadta
Size: 1KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idaaa
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b5019d5e3dd81614f38c20dc5bfb945

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 15KB - Virtual size: 14KB

.rddta Size: 45KB - Virtual size: 45KB

.eadta Size: 1KB - Virtual size: 43KB

.idaaa Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 14KB

.rddta
Size: 45KB - Virtual size: 45KB

.eadta
Size: 1KB - Virtual size: 43KB

.idaaa
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 4KB