18a752131bf9770050613d030dc62125_JaffaCakes118

General

Target

18a752131bf9770050613d030dc62125_JaffaCakes118
Size

60KB
MD5

18a752131bf9770050613d030dc62125
SHA1

ba8150c2f8d2d3af1686a3379c731dd953ba676c
SHA256

9e9e3bda2d3d5eab139e58aa54b92b4efb871f78fe28dd6eff430acd4fdf2664
SHA512

ceab12caaedf56efdd984fafb52fce5bdf20d102ad8e08d3eefb2c3257555f455eec950d9dc46008ce28d549a2378e5c1883c8ea5fca4533ba85f54d4f913284
SSDEEP

1536:PHrdMt13ncUi/Zz87audJ1tdCvhJfMp/LsHSXEKLc+2SdW1:fhMttcUiBz2zhdCZJfMOSrLW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18a752131bf9770050613d030dc62125_JaffaCakes118

Files

18a752131bf9770050613d030dc62125_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8c9cfe00f86544cf23e8a9a9bce46d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GlobalLock
GetProcAddress
GetCurrentThread
GetPrivateProfileStringW
lstrlenW
LoadLibraryA
Sleep
SetThreadPriority
GetUserDefaultLangID
GetCurrentThreadId
GlobalUnlock
FreeLibrary
GetFileAttributesExW
GetCurrentProcess
FindResourceExW
GlobalDeleteAtom
SetLastError
FindClose
InterlockedIncrement
GlobalAddAtomW
CancelWaitableTimer
SuspendThread
CreateWaitableTimerW
GetCurrentProcessId
GlobalAlloc

user32

GetClassNameW
EnableWindow
GetKeyState
SetWindowTextW
DrawTextW
SetCursorPos
WindowFromPoint
GetWindowThreadProcessId
MessageBoxW
DestroyIcon
LoadStringW
SetCursor
PostMessageW
FillRect
EndDialog
UpdateWindow
VkKeyScanW
GetMessageW
GetDlgItem
DefWindowProcW
PostThreadMessageW
RedrawWindow
LoadIconW
DialogBoxParamW
DestroyMenu
GetWindowRect
SystemParametersInfoW

gdi32

GetObjectW
CreateDCW
CreateBitmap
CreateFontIndirectW
SetBkColor
GetDeviceCaps

advapi32

RegDeleteValueW
InitializeSecurityDescriptor

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e8c9cfe00f86544cf23e8a9a9bce46d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1016B

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1016B