3a06a90262897666084ea4458a6bc4f3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3a06a90262897666084ea4458a6bc4f3_JaffaCakes118
Size

272KB
MD5

3a06a90262897666084ea4458a6bc4f3
SHA1

5eb592b1eb681c96e6834bffbca33b5ebfe82d89
SHA256

dc62b916259e3b9ab5da1ddeff1b6c7b9d7839a82eeee9ee7bfb82456cd1257d
SHA512

15d8694d407621b622fbf6549cb08b7deb29473707732cd0d32113eda43e866a3ca274dc762f9beea5d97e6ec868356fd9320e31a830fef57b68fdd17c53b1ec
SSDEEP

6144:HamyjX0x405XnmwQ+7MQlPQ4KIoG0e3k0WPmzPT45fIDoOZ4+fh:6myjn0xn375PboRmwfIDx4+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a06a90262897666084ea4458a6bc4f3_JaffaCakes118

Files

3a06a90262897666084ea4458a6bc4f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19f047adff58c78c55fc3b0727688a70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegCreateKeyExA
RegCreateKeyW
RegReplaceKeyW
RegOpenKeyW
RegDeleteKeyW
RegQueryValueExW
RegQueryValueW
RegEnumValueW
RegQueryInfoKeyA
RegReplaceKeyA
RegFlushKey
RegCreateKeyExW
RegCreateKeyA
RegDeleteValueW
RegOpenKeyExA
RegLoadKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegFlushKey
RegEnumValueA
RegOpenKeyExW
RegLoadKeyW
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegQueryInfoKeyW
RegOpenKeyW
RegCreateKeyA
RegReplaceKeyW
RegQueryValueExW
RegGetKeySecurity
RegEnumKeyW

kernel32

GlobalFree
DeleteAtom
DeleteFileA
FreeResource
OpenFile
OpenFileMappingA
GetLastError
GetFileType
FindAtomA
CopyFileA
CopyFileExW
CopyFileExA
GetPriorityClass
CopyFileExW
ExitThread
GetLocalTime
CreateDirectoryA
FlushFileBuffers
GetFileType
AddAtomA
DeleteFileW
FreeResource
GetFileTime
GetStdHandle
CopyFileA
DeleteFileA
ExitProcess
GetCommandLineA
GetLastError
GetPriorityClass
OpenFileMappingA
AddAtomA
GetCommandLineA
OpenFile
FindClose
FlushFileBuffers
FreeResource
FindAtomW
GetFileTime
FindAtomA
GetPriorityClass
WriteFile
ExitThread
ExitProcess
GetStdHandle
FatalExit
DeleteFileA
DeleteAtom
GetCPInfo

user32

CopyImage
CopyRect
LoadCursorA
IsMenu
AppendMenuW
GetFocus
CreateIcon
BlockInput
BeginPaint
DrawIconEx
CalcMenuBar
GetCursor
DialogBoxParamA
CopyRect
DrawTextW
CopyIcon
CloseWindow
DrawIcon
DrawIconEx
CalcMenuBar
DialogBoxParamW
GetMenu
GetWindowTextA
GetWindowTextLengthA
AlignRects
IsMenu
InsertMenuA
AppendMenuA
CreateIcon
LoadCursorA

Sections

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 229KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19f047adff58c78c55fc3b0727688a70

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.rdata Size: 30KB - Virtual size: 29KB

.bss Size: 6KB - Virtual size: 5KB

.itext Size: 229KB - Virtual size: 605KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 930B

.rdata
Size: 30KB - Virtual size: 29KB

.bss
Size: 6KB - Virtual size: 5KB

.itext
Size: 229KB - Virtual size: 605KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 930B