18efd8404afc2db2f612684e3d74e209_JaffaCakes118

General

Target

18efd8404afc2db2f612684e3d74e209_JaffaCakes118
Size

61KB
MD5

18efd8404afc2db2f612684e3d74e209
SHA1

d7f5f2b8d0cc07c990c1eac715b1d64704607ed6
SHA256

3de03d6739c3e245d2f0947f94839daf94c48f6053fd60a4f961698faa09302b
SHA512

d721cf203829d31499c6be1da5bdf10ff3660e75a793b36b4b7a3d1e3613f293addf092a8ddc5c13792702a059e98551c8459fad1b65fb47e607d96d3161e290
SSDEEP

768:ybYDm6O9ESKYJRHfGUao4hf5ozzucSEFz3g8PiMWHpNCubfbNyWUupatWJTA3iJW:yCmT9vKI4hf5wuREzV5aCupItiqI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18efd8404afc2db2f612684e3d74e209_JaffaCakes118

Files

18efd8404afc2db2f612684e3d74e209_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d5eb603ee445880d18697d50ef2bd81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetVersion
GetStringTypeW
GetCommandLineA
GetStringTypeA
GetStartupInfoA
lstrcpyA
LCMapStringA
LCMapStringW
GetOEMCP
GetFileType
TerminateProcess
GetCPInfo
GetCurrentProcess
GetStdHandle
GetACP
WriteFile
SetFilePointer
SetHandleCount
GetModuleFileNameA
lstrcpynW
lstrcatA

user32

GetCursor
IsWindow
DialogBoxParamA
CopyImage
GetDlgItem
GetMenu
DrawTextW
EndDialog
CreateIcon
GetDC
GetWindowTextA
DrawIcon
IsMenu
LoadCursorA
CloseWindow
GetWindowTextLengthA
CopyIcon
GetFocus
LoadMenuA
DrawIconEx
InsertMenuA
DrawTextA
DialogBoxParamW

comctl32

ImageList_Destroy
ImageList_DrawEx
CreateMappedBitmap
CreateUpDownControl
ImageList_DragEnter
ImageList_Add
DrawStatusText
ImageList_GetIconSize
ImageList_Create
CreateToolbar
DllGetVersion

advapi32

RegOpenKeyExW
RegSetValueW
RegDeleteValueA
RegEnumKeyExW
RegEnumValueW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegQueryValueW
RegDeleteKeyA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 16.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d5eb603ee445880d18697d50ef2bd81

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 51KB - Virtual size: 16.6MB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 51KB - Virtual size: 16.6MB

.rsrc
Size: 5KB - Virtual size: 8KB