18a05f0b23b322b6ea216e769e6cc480_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

18a05f0b23b322b6ea216e769e6cc480_JaffaCakes118
Size

207KB
MD5

18a05f0b23b322b6ea216e769e6cc480
SHA1

e65535665478bbb16094289e7243fb36712f5134
SHA256

81c9814c73c0e57ffd2415018a309fa3c0fff5f36f1750bd345fee22a1d3f3d5
SHA512

970cbba2961c8af49e6abfadd1f24cea09d6ca1f200e76f82ce5426fdb99ce33c739bd7a4eeeab44e93c8e2e22d7a999ae22a755b8197744b81de5a34bf0463d
SSDEEP

6144:F+urmAw8qouGsZO7fpAS8MiqHaOxKgbrSzOPLj5Z:MuaAwvPA7fpAmiq1J/kOPz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18a05f0b23b322b6ea216e769e6cc480_JaffaCakes118

Files

18a05f0b23b322b6ea216e769e6cc480_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df2838d1aa63dd16c7457f4703923c8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetThreadLocale
GetLastError
GetLocalTime
VirtualAllocEx
GetFullPathNameA

user32

GetForegroundWindow
CharNextA
TranslateMDISysAccel
SetWindowsHookExA
PtInRect
RedrawWindow
EqualRect
GetDC
RegisterClassA
SetMenuItemInfoA
GetWindowThreadProcessId
GetClientRect
wsprintfA
RemoveMenu
GetTopWindow
IsDlgButtonChecked
WaitMessage
EnumWindows
CharUpperA
EnableMenuItem
IsWindowUnicode
IsWindowVisible
GetActiveWindow
SendMessageW
CloseClipboard
AdjustWindowRectEx
GetPropA
IsDialogMessageW
IsChild
IsDialogMessageA
IsRectEmpty
SetScrollPos
IsMenu
MessageBoxA
IsCharUpperA
GetWindowTextLengthA
GetCursorPos
LoadIconA
SetMenu
DrawIconEx
GetMenu
SetCapture
CallNextHookEx
DeleteMenu
GetClipboardData
GetKeyState
OemToCharA
KillTimer
InvalidateRect
MapWindowPoints
GetIconInfo
FrameRect
GetScrollRange
OffsetRect
CreateIcon
MapVirtualKeyA
UpdateWindow
InflateRect
GetKeyboardLayoutNameA
GetClassLongA
PeekMessageA
ClientToScreen
IsIconic
LoadKeyboardLayoutA

Exports

Exports

AKlfB6CkNaFF
SaLzqdcs75@20
_LFxjap
_ekLCPMGokVsoP@8
zCMEoRt0Y4
_X19jVXEQI7pJ
_xIM9vB@8

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text

Sharing

General

Malware Config

Signatures

Files

df2838d1aa63dd16c7457f4703923c8f

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 189KB - Virtual size: 189KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 189KB - Virtual size: 189KB

.rsrc
Size: 5KB - Virtual size: 4KB