3bfc72ddc7173b9ad89160ba9978ac89_JaffaCakes118

General

Target

3bfc72ddc7173b9ad89160ba9978ac89_JaffaCakes118
Size

128KB
MD5

3bfc72ddc7173b9ad89160ba9978ac89
SHA1

74866f502f23690219a12775a0dc6307bdbb4f59
SHA256

dd6b3e09c243fea70b8b2ea7186da6a7665c56750c6a565e604324c2196f22c9
SHA512

24864431d5992461659d41a5d92d1ece371c5570ccff2c9c4c6bbca939d289333ce2def06763d60ca7c70177775f9b472e22f7b15ef8780bdc2e102978f2f825
SSDEEP

1536:NX7Q4xVbn6qXZ6HjUE0tUHMxejaTpYDTdK6kU+j:xE4t6qgjaxSwYDTAVl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bfc72ddc7173b9ad89160ba9978ac89_JaffaCakes118

Files

3bfc72ddc7173b9ad89160ba9978ac89_JaffaCakes118
.exe windows:5 windows x86 arch:x86

26f9142db598f88f98830421fcf06de3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegCreateKeyA
RegOpenKeyExW
RegQueryValueW
RegCreateKeyA
RegGetKeySecurity
RegEnumValueW
RegEnumValueA
RegLoadKeyW

kernel32

ExitProcess
FormatMessageA
DeleteFileW
GetFileType
lstrcmpA
GetCPInfo
GetLastError
lstrlenA
WriteFile
CreateDirectoryA
GetCPInfo
CompareStringA
HeapFree
HeapAlloc
GetFileType
GetLastError
GetFileTime
DeleteFileW

user32

GetMenu
GetCursor
IsWindow
GetDC
CopyIcon
DialogBoxParamA
DrawTextA
GetFocus
AlignRects
CloseWindow
DialogBoxParamW
LoadCursorA
AppendMenuW
CopyIcon
DrawTextW
InsertMenuA
IsMenu

Sections

.ndnm
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pgllj
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eebn
Size: 79KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.doafb
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eenek
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26f9142db598f88f98830421fcf06de3

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.ndnm Size: 13KB - Virtual size: 12KB

.pgllj Size: 26KB - Virtual size: 26KB

.eebn Size: 79KB - Virtual size: 351KB

.doafb Size: 1KB - Virtual size: 1KB

.eenek Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 571B

.ndnm
Size: 13KB - Virtual size: 12KB

.pgllj
Size: 26KB - Virtual size: 26KB

.eebn
Size: 79KB - Virtual size: 351KB

.doafb
Size: 1KB - Virtual size: 1KB

.eenek
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 571B