3a66bb4d73282758ad4653640f3c5dba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a66bb4d73282758ad4653640f3c5dba_JaffaCakes118
Size

1.1MB
MD5

3a66bb4d73282758ad4653640f3c5dba
SHA1

1520eb788087d37337fb76c52d4c78b3f5d129e2
SHA256

e75944fe6ea18d3e3aa7f8bdc74fd0bf4df565d1848663b3c7b01bd265f0464d
SHA512

5dfa37a8b71340ab63715ce8c90f8a3857ed6d9ebd6b4e696e685e3dd338e3b1b2e03b21a87bd7a8067c25cb8c9c00205ad402527dad01eeba3de19444f78855
SSDEEP

24576:UlTRdq4mWx2eeJJTV62C4gQiF4NsLOTMEG:sNmWGPRi2Kun

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a66bb4d73282758ad4653640f3c5dba_JaffaCakes118

Files

3a66bb4d73282758ad4653640f3c5dba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abcae9280e39d5d585d020b69ffc8c6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindAtomA
CreateThread
FindFirstFileA
CreateDirectoryA
CopyFileA
SetLastError
GetStdHandle
CreateProcessA
GlobalFree
ReadFile
OpenFile
GetConsoleMode
CopyFileExW
CopyFileExA
GetCommandLineA
GetLastError
DeleteFileA
GetCPInfo
DeleteFileW
CreateDirectoryA
FindFirstFileA
FindAtomA
OpenFileMappingA
ExitThread
ReadConsoleA
Sleep
GetStdHandle
CopyFileExW
DeleteAtom
ReadFile
SetLastError
WriteFile
CopyFileW
CreateThread
CopyFileExA
GetFileSize
GetLastError
ExitThread
DeleteAtom
DeleteFileW
GetCPInfo
GetFileTime
CopyFileExA
CreateDirectoryA
DeleteFileA
CopyFileA
CreateProcessA
SetLastError
FindFirstFileA
CopyFileW
GetComputerNameA
GetCommandLineA
Sleep
ReadFile

user32

GetWindowTextA
DialogBoxParamW
LoadMenuA
IsMenu
DrawTextW
CopyIcon
AlignRects
GetWindowTextLengthA
IsWindow
DialogBoxParamA
GetCursor
CloseWindow
GetMenu
GetDlgItem
GetCursor
CloseWindow
DialogBoxParamA
CopyImage
DrawIcon
DrawIconEx
CopyRect
GetDC
BlockInput
GetWindowTextLengthA
CreateIcon
GetFocus
DialogBoxParamW
GetWindowTextA
AppendMenuW
IsMenu
CalcMenuBar
GetMenu
AppendMenuA
CopyImage
GetCursor
CopyIcon
CloseWindow
IsWindow
CopyRect
InsertMenuA
GetFocus
EndDialog
CreateIcon

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_Destroy
ImageList_GetImageCount
ImageList_Merge
ImageList_GetImageRect
InitCommonControls
ImageList_AddIcon
ImageList_DrawEx
ImageList_LoadImage
ImageList_LoadImageW
ImageList_BeginDrag
ImageList_Create
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_DragEnter

advapi32

RegDeleteKeyA
RegDeleteValueA
RegLoadKeyW
RegOpenKeyW
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyA
RegQueryValueW
RegQueryValueExA
RegCreateKeyW
RegEnumKeyExA
RegReplaceKeyA
RegEnumKeyExW
RegOpenKeyW
RegOpenKeyA
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegReplaceKeyW
RegEnumKeyA
RegEnumValueW
RegGetKeySecurity
RegOpenKeyExW
RegEnumValueA

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 940KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abcae9280e39d5d585d020b69ffc8c6d

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 132KB - Virtual size: 131KB

.data Size: 940KB - Virtual size: 936KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 7KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1.6MB

.text
Size: 132KB - Virtual size: 131KB

.data
Size: 940KB - Virtual size: 936KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 7KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1.6MB