18b910bbd79596143ce33a47fb7a188e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

18b910bbd79596143ce33a47fb7a188e_JaffaCakes118
Size

132KB
MD5

18b910bbd79596143ce33a47fb7a188e
SHA1

c106927dcb27239de6b49769966947276d7b9483
SHA256

e299d72737578a422997c6b1dc59e41227a9ca7c6c032714de615b7ee9e2f7b8
SHA512

47426dc3db9067b727f31c6cd45eed3713c48c3ba68bd6c8fc23300d917cb18b248efb0e39509838679ccf8e5edcb139316cf126b4dbbff360fb9e51191b51f3
SSDEEP

3072:n8A0RGMvgkuPbR7vPSmwaaRMAOFghtoN3e3KhUwYBid:8szR7va4/XFgsu3MUwYW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18b910bbd79596143ce33a47fb7a188e_JaffaCakes118

Files

18b910bbd79596143ce33a47fb7a188e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a887645f838549907d771863fbda6b0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

strlen
_adjust_fdiv
_isatty
calloc
exit
atof
isspace
__getmainargs
_write
_controlfp
_setmode
_strlwr
log10
_acmdln
_initterm
_XcptFilter
__p__commode
_except_handler3
__p__fmode
__setusermatherr
__set_app_type
_fullpath
__dllonexit
_wfopen
memcpy

kernel32

GetModuleHandleA
GetStringTypeW
SetFilePointer
MultiByteToWideChar
SetStdHandle
ExitProcess
GetStartupInfoA
OutputDebugStringA
GetFileAttributesW
VirtualProtect
SetErrorMode

comctl32

ImageList_DragEnter
CreateStatusWindowA
ImageList_DragShowNolock
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Create
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_EndDrag
CreatePropertySheetPageW

user32

RegisterClipboardFormatA
DrawTextA
SetCursor
SetWindowPlacement
GetMessagePos
SetCapture
SetRect
SetWindowsHookExA
SendMessageA
UnhookWindowsHookEx

oleaut32

SafeArrayPtrOfIndex
SafeArrayPutElement
GetActiveObject
SysAllocStringLen
VariantCopyInd
SafeArrayRedim
SafeArrayGetElement
VariantCopy

gdi32

EnumFontFamiliesW
CreateBitmap
ExtCreatePen
GetCharacterPlacementA
RoundRect
GetNearestColor
MoveToEx
EnumFontsA
PolyDraw
RealizePalette
GdiFlush
GetNearestPaletteIndex
ExcludeClipRect

version

VerFindFileW
VerLanguageNameA
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueA
VerInstallFileW

shell32

ExtractIconA
DragQueryFileW
CommandLineToArgvW
DragQueryFile
SHGetSpecialFolderLocation
ShellExecuteExW
Shell_NotifyIconW
SHFileOperationA

ole32

CreateBindCtx
IIDFromString
StringFromCLSID
CoGetMalloc
CoInitializeEx
IsEqualGUID
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

advapi32

RegOpenKeyW
DeleteService
InitiateSystemShutdownA
ControlService
CopySid
CryptAcquireContextA
QueryServiceStatus
RegCloseKey
RegEnumKeyW

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iktagum
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a887645f838549907d771863fbda6b0c

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

oleaut32

gdi32

version

shell32

ole32

advapi32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 96KB - Virtual size: 124KB

iktagum Size: - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 96KB - Virtual size: 124KB

iktagum
Size: - Virtual size: 4KB