19c261a50bf2f3f6de5aaf4c57be9520_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19c261a50bf2f3f6de5aaf4c57be9520_JaffaCakes118
Size

52KB
MD5

19c261a50bf2f3f6de5aaf4c57be9520
SHA1

3dee1efff0c6b85c00d8cd419609cd7043ebc90c
SHA256

8da3a9ceaa2afe959c6835c2fa984f25603697329249ab0c65ea0eaa37d69c62
SHA512

e60d835989a1d444f1afc531c7e8f3c1707f6349d2eda29e32bf9bcd29dfc7777f631f3c30cbb589ff828eef1d93f957e746e3d1aab1da146ea0c2b91d38f64c
SSDEEP

1536:GkJ/Avw7SGAMejbnuH0gXmYYmbNnRcHg6dxROsSf:GkJ/AvJjbnATRyg6dxQT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19c261a50bf2f3f6de5aaf4c57be9520_JaffaCakes118

Files

19c261a50bf2f3f6de5aaf4c57be9520_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88195200e4f34d14c60adce09dd7f2cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateEx

advapi32

RegCloseKey
RegSetValueExA
LookupAccountNameW
RegCreateKeyExA

user32

PostMessageA
TranslateMessage
GetDlgItem
CreateWindowExA
DispatchMessageA
SendMessageA
EndDialog
MessageBoxA
ShowWindow
GetMessageA

kernel32

GetCommandLineA
WriteConsoleW
SetFilePointer
LCMapStringA
CreateFileA
FindFirstFileA
CopyFileA
GetCurrentProcessId
GetModuleHandleA
GetModuleFileNameA
TerminateProcess
GetStartupInfoA
ReadFile
DeleteFileA
GetACP
GetConsoleCP
SetFileTime
RemoveDirectoryA
LCMapStringW
GetTempPathA
GetProcAddress
CreateDirectoryA
GetExitCodeThread
GetConsoleOutputCP
SetUnhandledExceptionFilter
GetFileType
SetFileAttributesA
MoveFileA
GetFileAttributesA
FindNextFileA
GetStringTypeW
GetConsoleMode
GetConsoleCommandHistoryA
GetLastError
GetLocaleInfoA
EnterCriticalSection
GetTickCount
CreateThread
GetOEMCP
GetStringTypeA
IsDebuggerPresent
LeaveCriticalSection
WaitForSingleObject
ExitProcess
UnhandledExceptionFilter
InitializeCriticalSection
GetFileSize
HeapAlloc
GetProcessHeap
SetEndOfFile
GetVersionExA
SetStdHandle
GetStdHandle
InterlockedDecrement
RaiseException
HeapSize
DeleteCriticalSection
FindClose
GetCPInfo
GetCurrentThreadId
GetCurrentProcess
LoadLibraryA
HeapFree
GetSystemTimeAsFileTime
CloseHandle
CreateProcessA
WriteFile
FlushFileBuffers
WriteConsoleA
GetDiskFreeSpaceA
SetHandleCount
GetExitCodeProcess
IsValidCodePage

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 36KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88195200e4f34d14c60adce09dd7f2cf

Headers

DLL Characteristics

File Characteristics

Imports

ole32

advapi32

user32

kernel32

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 6KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 1KB

.edata Size: 36KB - Virtual size: 59KB

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 6KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 1KB

.edata
Size: 36KB - Virtual size: 59KB