18602e3fb8c739feba286d5996a989a9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

18602e3fb8c739feba286d5996a989a9_JaffaCakes118
Size

176KB
MD5

18602e3fb8c739feba286d5996a989a9
SHA1

56543151b01e9a00dbda836df1d1d718c31c3092
SHA256

d1ce69c5fc34d3416c0eeb8dac05cbc663c36ef6fc130de4fea77a65d5fac902
SHA512

cb794444fbdf057bcc825510dbf017d30c995d1c87ad2f9021d4afe718ce5f52ab93046bb16664800355c922a8b9d3d457836d5d91b8f6aa4125e7c783bcaafa
SSDEEP

3072:+r7X5P0wL4TJgjflt9smv6XQdfZJazLElEzG/71ILqmMiWnkh:mtPtL4TJgj/9ogfuzKz15n6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18602e3fb8c739feba286d5996a989a9_JaffaCakes118

Files

18602e3fb8c739feba286d5996a989a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a0a25ebde8be91908a7f126b4237332

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegOpenKeyExW
RegSetValueW
RegDeleteKeyW
RegEnumKeyExW

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

gdiplus

GdipGetImageWidth
GdipGetImagePixelFormat
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipDisposeImage

gdi32

CreateDCW
SetStretchBltMode
StretchBlt
CreateDIBSection
GetObjectType
BitBlt
SelectObject
LineTo
CreatePen
DeleteDC
CreateCompatibleDC
CreateBitmap

kernel32

LocalFree
WaitCommEvent
CloseHandle
LocalAlloc
GlobalAlloc
GetModuleFileNameA
WaitCommEvent
GetFullPathNameW
CreateFileW
GetVersionExA
ExitProcess
EnumResourceNamesW
DisableThreadLibraryCalls
ReadFile
GetTickCount
GetSystemTimeAsFileTime
GlobalLock
ExitProcess
GetCurrentProcessId
GetCurrentThreadId
LoadLibraryW
GlobalUnlock

user32

ClipCursor
EnableWindow
TrackPopupMenuEx
GetDesktopWindow
CreatePopupMenu
InvalidateRect
RedrawWindow
FindWindowA
GetFocus
DestroyMenu
SetParent
LoadCursorW
SetCursor
SetWindowPos
IsWindow
PtInRect

msimg32

AlphaBlend
TransparentBlt

winmm

timeGetTime

ole32

CoInitialize
CoFreeUnusedLibraries
CoUninitialize
StringFromGUID2
CoCreateInstance

Sections

.text
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a0a25ebde8be91908a7f126b4237332

Headers

File Characteristics

Imports

advapi32

comctl32

gdiplus

gdi32

kernel32

user32

msimg32

winmm

ole32

Sections

.text Size: 134KB - Virtual size: 133KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 38KB - Virtual size: 38KB

.rsr Size: 512B - Virtual size: 336KB

.text
Size: 134KB - Virtual size: 133KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 38KB - Virtual size: 38KB

.rsr
Size: 512B - Virtual size: 336KB