19fc4a846e929ac02c67c6b134a7d822_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19fc4a846e929ac02c67c6b134a7d822_JaffaCakes118
Size

166KB
MD5

19fc4a846e929ac02c67c6b134a7d822
SHA1

4aea6a3029ab7f80649699122a6b37fafbf380b0
SHA256

f5de758adda0e768baa9ed5117f620401d2cf28e4e804273b751dd9369b49cf5
SHA512

c4a96d1d7b3e781080d7a06f5b40fc55bb3c4fc20a97a8da61f32c930a9c144082500f2b4cbd01bfdae21dbedc51357a460a0c6afaabfe503beba511cf74b877
SSDEEP

3072:0CxgkPkB+sNHY3edWRn795qzFN3El+bLo9LxCVeBUWZu0S6tY:2kP/aHq7U3930S6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19fc4a846e929ac02c67c6b134a7d822_JaffaCakes118

Files

19fc4a846e929ac02c67c6b134a7d822_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf04060a9fb9d91c2a49c0d94e4a9cda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Vodun\Nakiduducy\Heciwy\Cygejoxy\Dazub\Udosuvy\Imucugabe.pdb

Imports

kernel32

CloseHandle
CreateProcessW
DeleteFileW
Sleep
GetTickCount
GetLastError
GetWindowsDirectoryW
CreateFileW
MoveFileExA
GetDateFormatA
FreeResource
SizeofResource
LoadResource
GetVolumeInformationA
QueryPerformanceCounter
GetSystemTime
GetLocalTime
CreateFileA
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
CopyFileW
CreateDirectoryA
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleHandleA
GetCurrentThreadId
GetCommandLineA
GetProfileStringW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
IsBadWritePtr
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetSystemInfo
GetACP
LoadLibraryA
HeapFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetStartupInfoA
GetVersionExA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

FillRect
GetActiveWindow
CreatePopupMenu
GetSysColorBrush
AppendMenuA
DrawFrameControl
PostMessageW
SetWindowLongA
IsDialogMessageW
DialogBoxIndirectParamA
GetForegroundWindow
CreateDialogIndirectParamA
DispatchMessageW
GetSystemMetrics
GetWindowThreadProcessId
GetClientRect
CheckMenuRadioItem
DeferWindowPos
TranslateMessage
IsWindowEnabled
CheckMenuItem
GetClassNameA
GetWindowTextLengthA
SystemParametersInfoW
SetWindowsHookExA
RegisterClassExA
GetWindowRect

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf04060a9fb9d91c2a49c0d94e4a9cda

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 64KB - Virtual size: 64KB

.rsrc Size: 1024B - Virtual size: 960B

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 1024B - Virtual size: 960B