2ca45484fb0d18bbc1e2ff3d7084b2e5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ca45484fb0d18bbc1e2ff3d7084b2e5_JaffaCakes118
Size

264KB
MD5

2ca45484fb0d18bbc1e2ff3d7084b2e5
SHA1

a554a163d6fbf073badca623556ae355fe57a456
SHA256

e946fe640d6c0ded871aa8fa035db9a8cf47f6876a7a2568066e71f7d3120c6c
SHA512

966b88f9ae72ae11a4e6fb71b3f2d62532c59bf0e6da3449c24fb96e8482e925ec6d123c507d91fd51755d9503f14849dadc8155fa49f42700a648c9e8c16d30
SSDEEP

6144:rWD9iFjxGfLSHEs+1hDUbF+DrpDuyXAYjLGOVgXyqmb:rbxGfWHEsAIWIyXAYjFVIxmb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca45484fb0d18bbc1e2ff3d7084b2e5_JaffaCakes118

Files

2ca45484fb0d18bbc1e2ff3d7084b2e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f831ea24d6ef146b7efa07dcdea8a78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
RegLoadKeyA
RegQueryInfoKeyW
RegQueryValueW
RegDeleteValueW
RegCreateKeyW
RegLoadKeyW
RegEnumKeyA
RegQueryValueExA
RegDeleteValueA
RegEnumValueW
RegEnumKeyExW
RegCreateKeyExW
RegReplaceKeyW
RegOpenKeyExW
RegReplaceKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryInfoKeyA
RegReplaceKeyA
RegCreateKeyExA
RegGetKeySecurity
RegQueryValueA
RegQueryInfoKeyW
RegEnumValueW
RegReplaceKeyW
RegEnumValueA
RegEnumKeyExA
RegDeleteValueW
RegLoadKeyA
RegFlushKey
RegCreateKeyW
RegFlushKey
RegLoadKeyW
RegQueryValueA
RegDeleteKeyW
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyW
RegOpenKeyW
RegReplaceKeyA
RegOpenKeyA
RegReplaceKeyW
RegLoadKeyA
RegEnumKe��xWY

kernel32

DeleteFileA
GetUserDefaultLCID
ExitProcess
CreateThread
Sleep
GetConsoleMode
ExitThread
GetLastError
GetCurrentThread
GetCPInfo
GetFileSize
GetCurrentProcessId
GetCommandLineA
CreateProcessA
GetFileTime
DeleteFileW
GetConsoleOutputCP
ExitThread
CreateProcessA
GetConsoleMode
GetCurrentThread
OpenFile
GetCPInfo
GetLastError
ExitProcess
FindAtomA
GetStdHandle
CopyFileW
GetUserDefaultLangID
GetFileSize
CreateProcessA
GetConsoleOutputCP
ExitProcess
GetCurrentProcess
CreateThread
GetConsoleMode
DeleteFileW
GetCommandLineA
DeleteAtom
OpenFile
Sleep
GetFileTime
DeleteFileA
GlobalFree
GetComputerNameA
GetUserDefaultLangID
GetLastError
GetCurrentProcess
ExitThread
GetFileTime
GetConsoleMode
GetCommandLineA
CreateThread
GetStdHandle
Sleep
DeleteFileA
GetCurrentProcessId
DeleteAtom
GetOEMCP
DeleteAtom
GetCurrentProcess
CreateThread
CreateDirectoryA
ExitThread
CopyFileW
GetCurrentProcessId
GetLastError
GetCPInfo
GetOEMCP
ExitProcess
GetCurrentThread
GetCurrentThreadId
DeleteFileA
GetComputerNameA

user32

InsertMenuA
GetMenu
GetDC
AppendMenuA
DrawIcon
GetCursor
GetWindowTextA
IsWindow
GetDlgItem
CreateIcon
AlignRects
CopyRect
DrawTextA
DrawIconEx
LoadMenuA
IsMenu

Sections

.itext
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 222KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f831ea24d6ef146b7efa07dcdea8a78

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.itext Size: 27KB - Virtual size: 26KB

.edata Size: 9KB - Virtual size: 9KB

.bss Size: 222KB - Virtual size: 586KB

.idata Size: 3KB - Virtual size: 3KB

.itext
Size: 27KB - Virtual size: 26KB

.edata
Size: 9KB - Virtual size: 9KB

.bss
Size: 222KB - Virtual size: 586KB

.idata
Size: 3KB - Virtual size: 3KB