18870f176869d0259602129de11aad16_JaffaCakes118

General

Target

18870f176869d0259602129de11aad16_JaffaCakes118
Size

22KB
MD5

18870f176869d0259602129de11aad16
SHA1

a7a13b0fb41c9cfaeeb8479c1e1e8404aacd09fd
SHA256

00f57a4c99edcdc72f10e891e72439bebbb897e2a06693e72fb3d32cbd63d827
SHA512

b035c270bd5dd3e80d5e146ea8d9d3d7805e15d1135c833b526ddb2c064b693a26a130d9985bcf4dcd1380c4473416f885cd7d0417eceee865785a97bb601c2d
SSDEEP

384:CbYrreCFvbZEYz6/+qTIWZtXizO7ymnawz0VSaiWjgp8s2bLLycWl/sl8:XrreCFvlYTTIW3r7ymaa0gWjjWNl/x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18870f176869d0259602129de11aad16_JaffaCakes118

Files

18870f176869d0259602129de11aad16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6dadfa97a3f706ececc4c5a2b9b4255c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_ctype
_execve
fgetc
_atoldbl
_futime64
_CIacos
_heapset
fprintf
localeconv
_wcslwr
_tzname
_adj_fdivr_m16i
wcslen
__lconv_init
getwc
__p__acmdln
wcsftime
_CIlog10
_wsplitpath
_lfind
puts
strerror
_access
_mbctolower
_adj_fprem

user32

EnumWindowStationsA
ChangeClipboardChain
ExcludeUpdateRgn

gdi32

SetBitmapDimensionEx
SetFontEnumeration
DeviceCapabilitiesExA
SetBkMode
GetDeviceGammaRamp
StrokePath
AbortPath
SetBrushOrgEx
PolyDraw

kernel32

SetSystemPowerState
GetBinaryTypeA
GetModuleHandleW
SetProcessWorkingSetSize
SetLocaleInfoW
GetStartupInfoW
GenerateConsoleCtrlEvent
SetConsoleDisplayMode
lstrcmpW
ExitVDM
lstrcmpA
VirtualFree
SetFileAttributesW
lstrcmpiW
VirtualAlloc
CmdBatNotification
SetNamedPipeHandleState
GetSystemTime
Sleep
MoveFileWithProgressW
DefineDosDeviceA
lstrlenA
MoveFileA
ExitThread
GetLocalTime
VirtualQuery
lstrcmpiA
GetModuleHandleA
lstrlenW
ExitProcess
FillConsoleOutputAttribute

shell32

InternalExtractIconListW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kbsus
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mbhf
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6dadfa97a3f706ececc4c5a2b9b4255c

Headers

File Characteristics

Imports

msvcrt

user32

gdi32

kernel32

shell32

Sections

.text Size: 4KB - Virtual size: 4KB

.kbsus Size: 10KB - Virtual size: 20KB

.mbhf Size: 6KB - Virtual size: 16KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.kbsus
Size: 10KB - Virtual size: 20KB

.mbhf
Size: 6KB - Virtual size: 16KB

.reloc
Size: 1024B - Virtual size: 1KB