54b880f7ea9282eadcd5f91bddf2cac8_JaffaCakes118

General

Target

54b880f7ea9282eadcd5f91bddf2cac8_JaffaCakes118
Size

117KB
MD5

54b880f7ea9282eadcd5f91bddf2cac8
SHA1

3197068fa7093fc27efd51cfa6b230f54c8c39a5
SHA256

d6df18d1c29787d6854fcfdc89b305ed15ec5343cd2023faff4acca2b514b3c6
SHA512

b14bf85799850b3a885c8d31053cdd4e4bde29fcc5bb143b1ac11070ccaee1c9cfc7f3cc0d5b241c2b05397e2add98c6eba120577073d4b2a6b15addf128a4a3
SSDEEP

3072:6lfIMKZntzYLrJFOpQjx8/wVERbXiqudg8zlYrmv/:ufMZtzYLrLO+x8IuRbXiLdg8Yiv/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54b880f7ea9282eadcd5f91bddf2cac8_JaffaCakes118

Files

54b880f7ea9282eadcd5f91bddf2cac8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46424c07c994f1880965ee4126a7fc24

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyRect
LoadCursorA
CalcMenuBar
AppendMenuA
AppendMenuW
CreateIcon
InsertMenuA
CopyIcon
DrawTextW
GetDC
DialogBoxParamA
DialogBoxParamW
DrawTextA
EndDialog
GetDlgItem
DrawIcon
IsMenu
BlockInput

advapi32

RegFlushKey
RegQueryValueExW
RegQueryValueA
RegReplaceKeyW
RegCreateKeyExA
RegQueryInfoKeyA
RegDeleteKeyW
RegOpenKeyA
RegEnumKeyA
RegEnumValueW
RegQueryValueW
RegDeleteValueA
RegOpenKeyExA
RegOpenKeyExW
RegGetKeySecurity
RegLoadKeyW

kernel32

GetFileSize
GetStringTypeA
GetLocalTime
GetLastError
CloseHandle
lstrcmpiA
lstrcpyA
lstrcmpA
lstrcpynA
HeapFree
WideCharToMultiByte
GetModuleHandleA
DeleteFileA
GlobalAlloc
GetCommandLineA
lstrcatA
GetStringTypeW

comctl32

ImageList_DragEnter
ImageList_EndDrag
ImageList_LoadImageA
ImageList_DragLeave
ImageList_DrawIndirect
ImageList_ReplaceIcon
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_LoadImageW
InitCommonControls
ImageList_Replace
ImageList_DragMove
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_Copy
ImageList_Remove
ImageList_LoadImage

Sections

.ILcdE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zlwVi
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TWRxMi
Size: 4KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QyXgGU
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46424c07c994f1880965ee4126a7fc24

Headers

File Characteristics

Imports

user32

advapi32

kernel32

comctl32

Sections

.ILcdE Size: 11KB - Virtual size: 10KB

.zlwVi Size: 95KB - Virtual size: 94KB

.TWRxMi Size: 4KB - Virtual size: 144KB

.QyXgGU Size: 2KB - Virtual size: 2KB

.ILcdE
Size: 11KB - Virtual size: 10KB

.zlwVi
Size: 95KB - Virtual size: 94KB

.TWRxMi
Size: 4KB - Virtual size: 144KB

.QyXgGU
Size: 2KB - Virtual size: 2KB