18d08478c4a6083a4566d401d961c016_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

18d08478c4a6083a4566d401d961c016_JaffaCakes118
Size

195KB
MD5

18d08478c4a6083a4566d401d961c016
SHA1

ec89092e7387e0333cfe161c4d2f11bce988e56a
SHA256

1c4c482558f46c0f8a9a4622f8d1df9f2b526294251597249620dc42b66eecfc
SHA512

7e89c3ea4ccdee4f5c4f55c8739e25c96e5a6ae84e19850caca01bf4300827d0abe235c7780b3c8d12a7b6cced7bfd9683c04be0127c30ce52d37e69e903136a
SSDEEP

6144:b14ylU0n9o8N3rpYSeHHHYZBiVqocO1JwWV6l3o:RxicRVFenQEV/FJwWVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18d08478c4a6083a4566d401d961c016_JaffaCakes118

Files

18d08478c4a6083a4566d401d961c016_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fac99e8f4a0c65d3e6cb55720e8b5df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueA
RegQueryValueExW

user32

SetWindowsHookExW
SetCursorPos
GetWindowLongW
DestroyAcceleratorTable
DefWindowProcW
GetClientRect
BeginPaint
FillRect
LoadAcceleratorsW
SystemParametersInfoW
GetSystemMetrics
SetWindowLongW
SetWindowRgn
MessageBeep
GetUpdateRect
TranslateMessage
SendMessageW
VkKeyScanW
DrawTextW
AdjustWindowRectEx
SetParent
HideCaret
IsClipboardFormatAvailable
PeekMessageW
SetWindowTextW
GetWindow
KillTimer
CloseClipboard
GetMessagePos
CallNextHookEx
GetWindowTextLengthW
EnumDisplaySettingsW
GetFocus
InsertMenuW
CreateDialogParamW
OpenClipboard
RedrawWindow
GetCapture
EmptyClipboard
GetMenuState
ChangeDisplaySettingsW
IsWindowVisible

kernel32

InterlockedDecrement
InterlockedIncrement
HeapReAlloc
GetOEMCP
VirtualAlloc
HeapAlloc
GetCPInfo
GetACP
LCMapStringA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetStringTypeA
LCMapStringW
GetStringTypeW
SetLastError
TlsAlloc
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
GetFileType
HeapDestroy
GetEnvironmentVariableA
GetVersionExA
GetLastError
TlsGetValue
GetModuleHandleA
RtlUnwind
HeapFree
HeapCreate
VirtualFree
EnterCriticalSection
WriteFile
LeaveCriticalSection
GetModuleFileNameA
GetCurrentProcess
UnhandledExceptionFilter
GetVersion
GetCommandLineA
ExitProcess
TerminateProcess
CreateThread
InitializeCriticalSection
CreateFileW
UnmapViewOfFile
MapViewOfFile
CloseHandle

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fac99e8f4a0c65d3e6cb55720e8b5df

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 54KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 54KB

.rsrc
Size: 4KB - Virtual size: 1KB