18396cf73edb521f92eb8538cd9c042d_JaffaCakes118

General

Target

18396cf73edb521f92eb8538cd9c042d_JaffaCakes118
Size

304KB
MD5

18396cf73edb521f92eb8538cd9c042d
SHA1

0e0a0a9c4d48da36a3ee7aebdc2c09737243f3fc
SHA256

b9d32fd9d3e832e42bdbe3eb25b1006522600e8537a9f928699e6ced680cf014
SHA512

2438bb49cf689cc5662109b7b4b494daa3d92b82714a350346ac2a44339f16797cf1fda65deb8469d70d8fe0c9df867fdea7d960efdbd596cd79f44d5431c607
SSDEEP

6144:qcZSGsu+56HEAlHCr0xZ9L3u2U8/vs3hVXh++hAn3MwFjI1cxj48iJtP6:MfEkKbM8/UhVXY+hAn3MGjI1O48

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18396cf73edb521f92eb8538cd9c042d_JaffaCakes118

Files

18396cf73edb521f92eb8538cd9c042d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40275a61348febdf3d3ccc240e2c8e89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
SetThreadPriority
ResetEvent
WideCharToMultiByte
WaitForMultipleObjects
GetDriveTypeW
DeleteFileW
GlobalFree
FindFirstChangeNotificationW
SetWaitableTimer
WriteFile
GetCommandLineW
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
LoadLibraryW
GetModuleFileNameW
FreeResource
GetProcAddress
GetTickCount
GetLocalTime
SetEvent
ReadFile
GlobalAddAtomW
FindResourceExW
CreateFileW
FreeLibrary
lstrlenW
TerminateThread
FindClose
GetFileAttributesW
ExitProcess
GetCurrentProcessId

user32

SetWindowTextW
GetKeyState
DrawTextW
MessageBoxW
SetCursorPos
FillRect
UpdateWindow
TranslateMessage
SetLayeredWindowAttributes
DialogBoxParamW
LoadImageW
DefWindowProcW
VkKeyScanW
RegisterHotKey
RedrawWindow
GetSysColor
SystemParametersInfoW
SetForegroundWindow

gdi32

CreateCompatibleBitmap
SelectObject
BitBlt
SetMapMode
CreateICW
StretchBlt
SetBkColor
LineTo
SetBkMode
CreateSolidBrush
Rectangle
GetObjectW
GetMapMode
GetStockObject

advapi32

StartServiceW
RegSetValueExW

oleaut32

SysFreeString
OleLoadPicture

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

40275a61348febdf3d3ccc240e2c8e89

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 8KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 8KB