4013d635781a4d6525402a3db8bc8055_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4013d635781a4d6525402a3db8bc8055_JaffaCakes118
Size

148KB
MD5

4013d635781a4d6525402a3db8bc8055
SHA1

695cae31106d573e77bd32bb4c9c22c7c6d0941b
SHA256

dbd8b847bb2a9732e4e6c50514b8e82044c32fc8fbaa1870fe320b66dd87fd75
SHA512

b8f8010311ff95ab7e9196ab48265388a013780fab128ca90177aa6586b466a5ce3728e5e6ebbf16a859b6fa8021d696a5fe4ade20aceadf783b3dd70e4c301e
SSDEEP

3072:blaIkvVjGcMCbUGpm2b/kXV341falnrRKRKhkyel8aeih:bk9jG4UGpm2bMXBialnrRZkff

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4013d635781a4d6525402a3db8bc8055_JaffaCakes118

Files

4013d635781a4d6525402a3db8bc8055_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f5ca2d34ef184708096ce254d8d5fd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumValueA
RegDeleteValueA
RegQueryValueExW
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA
RegGetKeySecurity
RegEnumKeyExW
RegEnumKeyW
RegDeleteKeyW
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegQueryValueExA

user32

GetDC
CalcMenuBar
AppendMenuW
DialogBoxParamW
LoadMenuA
GetMenu
AppendMenuA
DrawTextA
CopyImage
DrawIcon
DrawIconEx
GetWindowTextLengthA
CopyRect
EndDialog
AlignRects
IsMenu
IsWindow
InsertMenuA
LoadCursorA
GetWindowTextA
BlockInput
InsertMenuA
GetMenu
CopyImage
GetFocus
DrawIconEx
AppendMenuA
GetDlgItem
LoadCursorA
GetWindowTextLengthA
DrawTextA
CopyIcon
EndDialog
CopyRect
DialogBoxParamW
CalcMenuBar
GetWindowTextA
IsMenu

comctl32

ImageList_Create
ImageList_DragMove
ImageList_DragLeave
ImageList_AddIcon
ImageList_GetImageCount
ImageList_EndDrag
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_Read
ImageList_LoadImageA
ImageList_Merge
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_GetImageRect
InitCommonControls
ImageList_Copy
ImageList_LoadImage

kernel32

DeleteFileA
lstrlenA
GetCPInfo
GetStringTypeA
CloseHandle
HeapAlloc
lstrcatA
HeapFree
FreeLibrary
GetCommandLineA
GetModuleFileNameA
lstrcmpiA
GetFileSize
GetFileAttributesA
lstrcpyA
GetLocalTime
GetFileType
lstrcmpA
GetModuleHandleA

Sections

.uJxr
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.LeXu
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FxFqZ
Size: 2KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vEhH
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jnBpD
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f5ca2d34ef184708096ce254d8d5fd6

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

Sections

.uJxr Size: 16KB - Virtual size: 15KB

.LeXu Size: 122KB - Virtual size: 122KB

.FxFqZ Size: 2KB - Virtual size: 50KB

.vEhH Size: 2KB - Virtual size: 3KB

.jnBpD Size: 1024B - Virtual size: 2KB

.uJxr
Size: 16KB - Virtual size: 15KB

.LeXu
Size: 122KB - Virtual size: 122KB

.FxFqZ
Size: 2KB - Virtual size: 50KB

.vEhH
Size: 2KB - Virtual size: 3KB

.jnBpD
Size: 1024B - Virtual size: 2KB