19ff9efabe5f3a6174e8759de368d6d6_JaffaCakes118

General

Target

19ff9efabe5f3a6174e8759de368d6d6_JaffaCakes118
Size

264KB
MD5

19ff9efabe5f3a6174e8759de368d6d6
SHA1

11ce62a5fbf6778f1622abe92023e05a54afcbed
SHA256

a6f838d34d8e3c8f97e36e58ff765cee7c17ce7479045a82f5d384ff8c7ca001
SHA512

19614b85a5b79229d2e39fd27ce5538884947663c402d274b295f7ce6ff0567bc195ff89e072ed1c000c565a0f0ed2c358f686f0563ef0fc085f4d3b30fb12cd
SSDEEP

3072:zAZJ5uoOfydLLhi0iagPVur+tXHRdA7UcuZ66gaepUCfqdNKUzXV8zWK8IvELp8y:zeY+LhiW+cK3k7UcfPGdNK8eC6El8HS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19ff9efabe5f3a6174e8759de368d6d6_JaffaCakes118

Files

19ff9efabe5f3a6174e8759de368d6d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

710855fc1bad69b663259c32a1bc36bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumWindows
IsWindowVisible
GetParent
GetWindowRect
GetDC
ReleaseDC
PostMessageA
SetWindowTextA
GetClassNameA
GetWindowThreadProcessId
SendMessageA
GetWindow
GetWindowTextA
ExitWindowsEx

advapi32

AdjustTokenPrivileges
OpenProcessToken
RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
LookupPrivilegeValueA

gdi32

Polyline
SelectObject
CreatePen
PolyBezier
DeleteObject

kernel32

MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetCurrentProcess
GetVersionExA
DeleteFileA
CopyFileA
FindFirstFileA
GetSystemDirectoryA
CloseHandle
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
ReadProcessMemory
Sleep
GetLastError
CreateMutexA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

710855fc1bad69b663259c32a1bc36bd

Headers

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 24KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 24KB