4168711b589d31b65aa0defe11db9a3a_JaffaCakes118

General

Target

4168711b589d31b65aa0defe11db9a3a_JaffaCakes118
Size

178KB
MD5

4168711b589d31b65aa0defe11db9a3a
SHA1

203879fd64e7da522c84b532bc6717e78fd1cce4
SHA256

e44ac7b5a37ccff4bfe2232e8096b4ecb5b868f026f681e093ded7d8e0a8e02b
SHA512

ec817a1d5ac91a2448a9bd4e4f51f9070b6729c5432455705bab3ac29deb9d1baae2fd88eb8b54bb9397addff76af13c42b124764ed84c27c33e6cb69252ef18
SSDEEP

3072:QYw7LN+zqrR/uP5OstwayEn92tw2b1AO9rZIF:a7+qEP5Q6ww2pASY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4168711b589d31b65aa0defe11db9a3a_JaffaCakes118

Files

4168711b589d31b65aa0defe11db9a3a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3c8daa27da60320eb1d605999afbe227

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
DeleteFileW
ExitProcess

advapi32

RegQueryValueA
RegOpenKeyA
RegEnumValueW
RegCreateKeyA
RegOpenKeyExA
RegEnumKeyExA
RegFlushKey
RegDeleteValueW
RegQueryInfoKeyA
RegOpenKeyW
RegGetKeySecurity
RegDeleteKeyA
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegEnumKeyExW
RegCreateKeyW
RegCreateKeyA
RegCreateKeyA
RegEnumKeyA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExW
RegOpenKeyA
RegQueryInfoKeyA
RegGetKeySecurity
RegDeleteKeyW
RegQueryValueW
RegGetKeySecurity
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExW
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExW
RegEnumKeyW
RegFlushKey

user32

IsMenu
GetScrollInfo
IsWindow
CloseWindow
DialogBoxParamA
GetWindowTextA
CopyIcon
CopyRect

Sections

.ggdi
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.leih
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fbng
Size: 129KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdhp
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddla
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c8daa27da60320eb1d605999afbe227

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.ggdi Size: 13KB - Virtual size: 12KB

.leih Size: 24KB - Virtual size: 24KB

.fbng Size: 129KB - Virtual size: 409KB

.cdhp Size: 3KB - Virtual size: 3KB

.ddla Size: 7KB - Virtual size: 6KB

.ggdi
Size: 13KB - Virtual size: 12KB

.leih
Size: 24KB - Virtual size: 24KB

.fbng
Size: 129KB - Virtual size: 409KB

.cdhp
Size: 3KB - Virtual size: 3KB

.ddla
Size: 7KB - Virtual size: 6KB