5749266f7e06935bc85f5d4e50c049e8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5749266f7e06935bc85f5d4e50c049e8_JaffaCakes118
Size

215KB
MD5

5749266f7e06935bc85f5d4e50c049e8
SHA1

02d7c8bfc7e16dc960fb34ea5d5ae9fcbb555566
SHA256

7980b3de042b8f38480f206a79b5f276742a9898ccc63c67e05be15eb749f016
SHA512

26c6c509194135d6c31e8cb1c275f933ecfcacaf5775996c2cc3ff30bef14bab7e675c20c81742ecacac68fabe959b58853e098f206a20c5269bc05c180ac683
SSDEEP

3072:T3GDyPXPqE+y+uPX1CDTy9cxdENTBPIuoxjaMnel7WSTfC1CErgFjkP:HPfqE+yLX1CDgc7Ef8xja/9TfYCEra4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5749266f7e06935bc85f5d4e50c049e8_JaffaCakes118

Files

5749266f7e06935bc85f5d4e50c049e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e5d4a74a8f4bb90fe9bd361a8943d70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
RegQueryValueW

kernel32

ConvertThreadToFiber
CreateFileW
ExitProcess
InitializeCriticalSection
SetUnhandledExceptionFilter
TlsSetValue

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
memcpy
signal
strcpy
wcscpy

user32

AppendMenuW
ChildWindowFromPoint
CreateIconIndirect
CreatePopupMenu
DefMDIChildProcW
DestroyCursor
DestroyIcon
DispatchMessageW
DrawFrameControl
DrawStateW
EnableMenuItem
EndPaint
EnumClipboardFormats
EnumWindows
GetCapture
GetClassNameW
GetClipboardData
GetClipboardFormatNameW
GetDC
GetFocus
GetForegroundWindow
GetKeyState
GetMessagePos
GetSysColor
GetSystemMenu
GetUpdateRect
GetWindowTextW
InvalidateRect
IsDialogMessageW
IsWindow
LoadImageW
MessageBeep
MessageBoxW
MoveWindow
OffsetRect
OpenClipboard
PostMessageW
PtInRect
RedrawWindow
RegisterClassW
ReleaseCapture
SetCapture
SetForegroundWindow
SetParent
SetWindowPos
ShowWindow
UnregisterHotKey
UpdateWindow
ValidateRect

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e5d4a74a8f4bb90fe9bd361a8943d70

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 148B

.idata Size: 2KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 576B

.bss Size: - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 148B

.idata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 576B

.bss
Size: - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 3KB