419c9b51b5c320bc71ff8077db31db35_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

419c9b51b5c320bc71ff8077db31db35_JaffaCakes118
Size

87KB
MD5

419c9b51b5c320bc71ff8077db31db35
SHA1

a6600f300f9c0276c34198515d026f0ac52193ef
SHA256

1e5a4bc9cd0bd6d98344d701fd325c6d36098e741101729c67f601e86212ecdd
SHA512

dfe900f2e9449c62374b6e1b543e48621cf69beac35b377fecee3f72cce3341cef54c03bf9d906d30dd75872c72d0ec6113e0e3abca814fc18094ab1cce278e0
SSDEEP

1536:vxTePoMsQ/Q/k7iwMBy0GN8Zpm/VXVdErzTlPP:vp4obo0VpoVDEvTJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
419c9b51b5c320bc71ff8077db31db35_JaffaCakes118

Files

419c9b51b5c320bc71ff8077db31db35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9516c748dd3070d94d1e8963603ed75e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetLogicalDrives
GetFileAttributesA
WideCharToMultiByte
GlobalFree
GetFileSize
GetLastError
DeleteFileA
HeapFree
GetOEMCP
GetFileType
GetModuleFileNameA
GetCommandLineA
lstrcmpiA
GetCPInfo
lstrcmpA
HeapAlloc
FreeLibrary
lstrcpyA
lstrcatA
GetModuleHandleA
FreeConsole
GetLocalTime
FreeConsole
GetStringTypeA
FreeConsole
GetLastError
FreeConsole
lstrcatA
FreeConsole
GlobalAlloc
FreeConsole
GetLogicalDrives
FreeConsole
GetCPInfo
FreeConsole
GetFileSize
FreeConsole
GetCommandLineW
FreeConsole

user32

BlockInput
GetFocus
CloseWindow
IsMenu
DialogBoxParamW
AppendMenuA
AlignRects
GetDlgItem
DialogBoxParamA
CopyRect
GetMenu
DrawIcon
IsWindow
CalcMenuBar
LoadMenuA
CopyIcon
CopyImage
DrawIconEx

advapi32

RegOpenKeyW
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyExW
RegDeleteKeyW
RegEnumValueA
RegCreateKeyExW
RegOpenKeyA
RegEnumKeyExW
RegDeleteValueA
RegGetKeySecurity
RegEnumKeyW
RegEnumValueW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegQueryInfoKeyA
RegDeleteValueW

Sections

.tdxt
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdaaa
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.raaoc
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idaaa
Size: 3KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9516c748dd3070d94d1e8963603ed75e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.tdxt Size: 18KB - Virtual size: 18KB

.rdaaa Size: 45KB - Virtual size: 45KB

.edata Size: 11KB - Virtual size: 26KB

.raaoc Size: 4KB - Virtual size: 7KB

.idaaa Size: 3KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 4KB

.tdxt
Size: 18KB - Virtual size: 18KB

.rdaaa
Size: 45KB - Virtual size: 45KB

.edata
Size: 11KB - Virtual size: 26KB

.raaoc
Size: 4KB - Virtual size: 7KB

.idaaa
Size: 3KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 4KB