Static task: static1
Behavioral task: behavioral1
Sample: 18ecea51beb882df51fc9badeb782780_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 18ecea51beb882df51fc9badeb782780_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 18ecea51beb882df51fc9badeb782780_JaffaCakes118
Size: 83KB
MD5: 18ecea51beb882df51fc9badeb782780
SHA1: 50b644602fce840d65e59fd07611a2a2cc174ce4
SHA256: 117b93719f8cb7d9778b8c2ac72cf5fbacac3b082b3718a7858e769258f91308
SHA512: 82791d3be29a69e5b9d383b82dd18fcfa38eb3862b4e39b2d01154daf0c8f805ce755a1eb125cb530e2fc37dd57c68ab0cc8f5581db14833116abbf68fe34bfe
SSDEEP: 1536:22/92ujfq3+4JuHrZavkXtWJWfswk8AhRzbjx9vhC53FouLPLZyI7nDj/AWk3:22/kujfq3NSav2tRwzvz598RFZXZyI7g
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 18ecea51beb882df51fc9badeb782780_JaffaCakes118
Files
18ecea51beb882df51fc9badeb782780_JaffaCakes118.exe windows:4 windows x86 arch:x86
d4a0a3f75a5dacaa3b665d56c8ff7bc6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
GetScrollPos
GetMessageA
EnableMenuItem
FrameRect
EnumWindows
PostQuitMessage
SetWindowPos
EqualRect
SetWindowTextA
GetSubMenu
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
kernel32
GetThreadLocale
GetCurrentProcessId
VirtualAllocEx
InterlockedExchange
GetFileAttributesA
GetTempPathA
GetSystemTime
SetUnhandledExceptionFilter
GetACP
QueryPerformanceCounter
GetTickCount
RtlUnwind
GetOEMCP
FileTimeToSystemTime
GetStartupInfoA
GetTimeZoneInformation
ExitProcess
gdi32
GetMapMode
FillRgn
SelectClipPath
SetViewportExtEx
CreateICW
ExcludeClipRect
DPtoLP
CopyEnhMetaFileA
CreateCompatibleBitmap
ole32
CoRevokeClassObject
StgOpenStorage
CoInitialize
CoTaskMemRealloc
DoDragDrop
CoInitializeSecurity
CoCreateInstance
OleRun
StringFromGUID2
advapi32
RegCreateKeyExW
CheckTokenMembership
GetSecurityDescriptorDacl
RegCreateKeyA
AdjustTokenPrivileges
QueryServiceStatus
RegQueryValueExW
CryptHashData
GetUserNameA
FreeSid
msvcrt
_fdopen
_strdup
fflush
_lock
_CIpow
signal
__initenv
_flsbuf
iswspace
fprintf
_mbscmp
__setusermatherr
puts
strcspn
strlen
__getmainargs
strncpy
raise
comctl32
ImageList_GetIcon
ImageList_LoadImageW
InitCommonControls
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_Write
ImageList_DragEnter
ImageList_Destroy
CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_GetBkColor
ImageList_SetIconSize
shell32
DragAcceptFiles
SHBrowseForFolderA
ExtractIconExW
DragQueryFileW
DoEnvironmentSubstW
CommandLineToArgvW
DragQueryFileA
ExtractIconW
SHGetPathFromIDList
ShellExecuteW
ShellExecuteEx
oleaut32
SafeArrayPtrOfIndex
VariantCopy
SafeArrayCreate
SafeArrayPutElement
SysReAllocStringLen
SafeArrayRedim
SafeArrayGetUBound
SafeArrayUnaccessData
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE