19d366287fd301f972f9a14159ce9f7a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19d366287fd301f972f9a14159ce9f7a_JaffaCakes118
Size

136KB
MD5

19d366287fd301f972f9a14159ce9f7a
SHA1

39c77e43285fcbcf85052931339d1873e5581471
SHA256

188018889594e85feab4285021ade1c8f2bdfb089c6aad3b08f4d2008a33dfda
SHA512

abb82c739c9a75efe92f377573dcf4cb548412fb1fd3b3dbbd85a7a97a27ae9ed70f94eee4950d31665b45223a376103a4e599023f0db694b8001d7d4f91f975
SSDEEP

3072:Ark+zUNGfMiCOQibXjFyZ25m8LFnWHOv0fuT4:4fM34Xjoam8LFw1uT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19d366287fd301f972f9a14159ce9f7a_JaffaCakes118

Files

19d366287fd301f972f9a14159ce9f7a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

7e199c2de7e2d0a3edd8d0f27883fa71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord156
StrCmpNW
SHRegEnumUSKeyW
StrFormatByteSizeW
PathIsContentTypeA

shell32

ord173
SHBrowseForFolderA

kernel32

GetModuleHandleA
lstrcatW
lstrcpyW
lstrcpyA
OpenFile
SetFilePointer
SetFilePointerEx
_lclose
ClearCommBreak
EnumResourceTypesA
SetProcessPriorityBoost
TerminateThread
lstrcmpiW
GetAtomNameW
GetHandleInformation
LocalAlloc
WaitForMultipleObjects
GetProcessAffinityMask
CreateMailslotA
GetFileTime
_lopen
CloseHandle
DeleteFileW
CopyFileExA
GetLocalTime
GetProcAddress
lstrcmpiA
GetTempPathW
FileTimeToDosDateTime
LoadLibraryW
FormatMessageA
FindResourceW
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
HeapDestroy

user32

EndPaint
DestroyIcon
DlgDirListW
IsWindowVisible
GetActiveWindow
CharLowerBuffA
CharUpperBuffA
GetWindowPlacement
SetForegroundWindow
EnumPropsW
RemovePropW
PostMessageW
SetMenuItemBitmaps
InvalidateRgn
SendMessageA
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
GetWindowRgn
LoadAcceleratorsA
DispatchMessageA
SetMenuItemInfoA
GetPropW
LoadCursorFromFileA
GetDC
GetDesktopWindow
SetWindowTextW

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
GetBitmapBits
GetSystemPaletteEntries
LineTo
SetBoundsRect
GetCharWidth32W
ExtCreateRegion
SetViewportOrgEx
GetTextExtentPoint32W
SetBkColor
AngleArc
OffsetClipRgn
SetTextCharacterExtra
CreateScalableFontResourceW
UpdateColors

advapi32

ObjectDeleteAuditAlarmA
GetSidLengthRequired
EqualPrefixSid
EqualSid
PrivilegedServiceAuditAlarmW

Exports

Exports

_Copy_Ico@12
_Create_Ico@12
_Set_Ico@12
_Update_Ico@12

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.const
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e199c2de7e2d0a3edd8d0f27883fa71

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.code Size: 7KB - Virtual size: 7KB

.data Size: - Virtual size: 160B

.vars Size: 4KB - Virtual size: 3KB

.zero Size: 512B - Virtual size: 512B

.const Size: 512B - Virtual size: 44B

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 672B

.text
Size: 5KB - Virtual size: 5KB

.code
Size: 7KB - Virtual size: 7KB

.data
Size: - Virtual size: 160B

.vars
Size: 4KB - Virtual size: 3KB

.zero
Size: 512B - Virtual size: 512B

.const
Size: 512B - Virtual size: 44B

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 672B