18851f6503bdf2e6a72f8ed0e22cd1f5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

18851f6503bdf2e6a72f8ed0e22cd1f5_JaffaCakes118
Size

63KB
MD5

18851f6503bdf2e6a72f8ed0e22cd1f5
SHA1

54b89fb910b435b45c798e59e78198c7b2f1fa0c
SHA256

9f3ea3b960720996e18d55ae632a94ab215c636b2a2abd225b2fe302772b212b
SHA512

6e56cf41952116b4ba7209225caec7e971c03091c48774a00e10f81afaf2dc8098a433bf72f1c99ffbb3d94645fb83267c13d86c057f6c27c5ae941bca4a7b51
SSDEEP

1536:h8VJ/G9P1czC4KIJZe2TN0fbcjYuwoZt1gVvFkrKQsnSFG:hIo1SHJZe2TNfwDtkrKQsnSFG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18851f6503bdf2e6a72f8ed0e22cd1f5_JaffaCakes118

Files

18851f6503bdf2e6a72f8ed0e22cd1f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

421e30e565fc1190c43c0505b1031c41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfig2A
RegCreateKeyExA
RegDeleteKeyA
RegFlushKey
RegOpenKeyA
RegSetValueExA
StartServiceCtrlDispatcherA

kernel32

CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
DeleteAtom
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FindFirstFileA
FormatMessageA
FreeLibrary
GetCPInfo
GetCommandLineA
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemDirectoryA
GetThreadLocale
GetTimeZoneInformation
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalFree
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
IsValidCodePage
LoadLibraryA
LocalFree
Module32First
Module32Next
MoveFileA
OpenEventA
QueryPerformanceCounter
ReleaseMutex
ResetEvent
RtlUnwind
SetCurrentDirectoryA
SetFileTime
SetStdHandle
SetThreadPriority
SizeofResource
Sleep
SuspendThread
TlsGetValue
VirtualAlloc
VirtualFree
WaitForSingleObject
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA

user32

BeginPaint
CallNextHookEx
DefWindowProcA
DialogBoxParamA
DispatchMessageA
DrawTextA
EnableMenuItem
GetActiveWindow
GetDlgCtrlID
GetMessageA
GetSystemMetrics
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
InvalidateRect
IsChild
LoadImageA
MapWindowPoints
MessageBeep
MessageBoxA
OffsetRect
PeekMessageA
RegisterClipboardFormatA
SetFocus
SetWindowLongA
SystemParametersInfoA
UnhookWindowsHookEx
WinHelpA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

421e30e565fc1190c43c0505b1031c41

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 26KB - Virtual size: 28KB

.CRT Size: 15KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 28KB

.CRT
Size: 15KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB