218e3e2d0fd32f44b11dc2427e0f59d0_JaffaCakes118

General

Target

218e3e2d0fd32f44b11dc2427e0f59d0_JaffaCakes118
Size

308KB
MD5

218e3e2d0fd32f44b11dc2427e0f59d0
SHA1

19e7313d12f41329526dd8b7b62bed977ab4a040
SHA256

55bc0c2d420d7dc267d63cc420817f7e9d14ee55c8a6d6c4893e666897cadfaa
SHA512

4c5c624de0f7183f339d4555479a42d78f5f69df9eb91c49f8b916c9fa6aa91936ea9fed0f01566d4dd9dd4dfb9313d8a866b02c5997bcd78f612779d3522900
SSDEEP

6144:8EOuerJRMb6lFuDr7KTdOfYrCa5zqPgBA6dNttoAZJ6RVUzK:7OuelO2mX7KBnOn4BDNtGOYsm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
218e3e2d0fd32f44b11dc2427e0f59d0_JaffaCakes118

Files

218e3e2d0fd32f44b11dc2427e0f59d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3df020d7dad33113890bd3397a9f1050

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
SuspendThread
WaitForSingleObject
GetLogicalDrives
GetModuleFileNameW
CancelWaitableTimer
MoveFileW
InterlockedIncrement
WaitForMultipleObjects
FindResourceExW
GetFileSize
FreeLibrary
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
CreateThread
TerminateThread
ResumeThread
GetCurrentProcessId
GetProcAddress
FileTimeToSystemTime
GlobalFree
GlobalLock
SetFilePointer
ExitProcess
WritePrivateProfileStringW

user32

AppendMenuW
TrackPopupMenu
GetMessageW
SetForegroundWindow
SetCursorPos
GetDlgItem
SetLayeredWindowAttributes
OffsetRect
GetParent
PostThreadMessageW
GetSystemMetrics
RedrawWindow
wsprintfW
EnableWindow
GetWindowTextW
RegisterClassExW

gdi32

BitBlt
CreateRoundRectRgn
GetClipBox
CreateICW
CreateBitmap
GetMapMode

advapi32

RegDeleteValueW
GetUserNameW
RegNotifyChangeKeyValue

shell32

SHChangeNotify

ole32

CoInitializeEx
CoInitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3df020d7dad33113890bd3397a9f1050

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 16KB