18635e935399262a8f8ff975c435edc5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

18635e935399262a8f8ff975c435edc5_JaffaCakes118
Size

180KB
MD5

18635e935399262a8f8ff975c435edc5
SHA1

417a02d7fde37bee7da6447eba739b09ecbb93f4
SHA256

5925956158f3ca1ac91ceae6e866b344de8fe633884246e4dffe4c40ed36d42f
SHA512

97b027321c809744332b6127f057fee3e7365f6a012a365e17c5dabb754b6ff10dad01d08b9d0e525a4a4c8d7e86def4900f2dd17b754f1daeab5e9b143a4d6e
SSDEEP

3072:v8p2qXjl3h6R93JQ8vmOKO9eim1tvOSroicVJDll1bg:vPCaR3eiItFrotPpg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18635e935399262a8f8ff975c435edc5_JaffaCakes118

Files

18635e935399262a8f8ff975c435edc5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

58a0393175deb1e85234ce0819542e8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostMessageA
EnumWindows
MessageBoxA
ShowWindow
EnumThreadWindows
GetWindowTextA
GetWindowPlacement
SetForegroundWindow

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advapi32

OpenProcessToken
FreeSid
RegOpenKeyA
RegEnumKeyA
GetTokenInformation
AllocateAndInitializeSid
EqualSid
RegEnumKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
OpenThreadToken
RegCloseKey
RegEnumValueA

kernel32

GetOEMCP
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
QueryPerformanceCounter
GetACP
VirtualProtect
CloseHandle
WriteFile
GetLastError
WideCharToMultiByte
ReadFile
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalMemoryStatus
GetFileSize
FindFirstFileA
GetProcessTimes
OpenProcess
GetCurrentProcessId
GetSystemDirectoryA
GetCurrentProcess
GetCurrentThread
GetProcAddress
LoadLibraryA
FreeLibrary
GetTickCount
WaitForSingleObject
ReleaseMutex
MapViewOfFile
CreateFileMappingA
CreateMutexA
CreateSemaphoreA
GetDriveTypeA
GetLogicalDrives
GetVolumeInformationA
DeviceIoControl
CreateEventA
GetModuleHandleA
GetVersionExA
GetTimeZoneInformation
FindClose
UnmapViewOfFile
SetLastError
RtlUnwind
FindNextFileA
RaiseException
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
TerminateProcess
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
FlushFileBuffers
InterlockedExchange
HeapSize
SetStdHandle
GetLocaleInfoA
GetCPInfo
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCurrentThreadId

shell32

ShellExecuteA

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xur
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58a0393175deb1e85234ce0819542e8f

Headers

File Characteristics

Imports

user32

version

advapi32

kernel32

shell32

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 800B

.reloc Size: 12KB - Virtual size: 10KB

.xur Size: - Virtual size: 1B

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 800B

.reloc
Size: 12KB - Virtual size: 10KB

.xur
Size: - Virtual size: 1B