af2acdb10c7d2ee694623c84a089e863_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af2acdb10c7d2ee694623c84a089e863_JaffaCakes118
Size

1.6MB
MD5

af2acdb10c7d2ee694623c84a089e863
SHA1

330c4cb35c3872c61b636b83c61dcd10b0924429
SHA256

c3138726112d64e3bca9cc9bf53af07888a0e9a58a29cd11462cff9df48a673c
SHA512

7a5aeaf7797a619b061d98acebc2cc5678975aab524e5a46958ab25c97ffd545feadd6a0aac03fe3bae30466c5b1f2aca23130c8655cf3bbfaa47768de66e4dd
SSDEEP

24576:03evf87FyrgyM/p2wmnUAPuybzOOb6RFKghTgMlmLn20hZjoFoD:03ev07kM/gwBxOWR1hvt0hIe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af2acdb10c7d2ee694623c84a089e863_JaffaCakes118

Files

af2acdb10c7d2ee694623c84a089e863_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae8b23f451199931da9aac7d07dadc04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameA
ChooseColorA

version

GetFileVersionInfoA
VerInstallFileA
GetFileVersionInfoSizeA

advapi32

RegFlushKey
RegSetValueA
GetNamedSecurityInfoW
IsValidAcl
GetUserNameA
GetLengthSid
EnumDependentServicesA
RegOpenKeyA
CryptCreateHash
RegQueryValueW
RegDeleteKeyA
SetSecurityDescriptorOwner
RegQueryInfoKeyW

kernel32

SwitchToFiber
SetProcessShutdownParameters
GlobalUnlock
ExpandEnvironmentStringsW
GetTapeParameters
MoveFileExA
EraseTape
ExitProcess
ReadFileScatter
EnumResourceLanguagesW
SetEnvironmentVariableA
AreFileApisANSI
SetNamedPipeHandleState
GetSystemDefaultLangID
IsBadReadPtr
_llseek
lstrcpyA
SetConsoleCursorPosition
FormatMessageW
SetEndOfFile
EnumTimeFormatsW
WritePrivateProfileStructA
ScrollConsoleScreenBufferA
VirtualProtect
CreateEventA
SetConsoleOutputCP
ReadConsoleOutputA
TryEnterCriticalSection
SetConsoleTitleA
DosDateTimeToFileTime
CompareStringW
FindFirstFileW
GetLongPathNameA
LoadLibraryExA
SizeofResource
UnmapViewOfFile
GetOverlappedResult
GetProfileStringA
FindResourceExW

user32

SendNotifyMessageW
ValidateRgn
ChangeMenuA
FindWindowExA
RegisterClipboardFormatA
TileWindows
NotifyWinEvent
UpdateWindow
SetCursorPos
EnumClipboardFormats
CharUpperA
CreateDialogIndirectParamW
DrawTextExW
DialogBoxIndirectParamW
CheckMenuRadioItem
MapWindowPoints
CharToOemA
SetWindowPlacement
CreateIconIndirect
ChangeMenuW
GetTitleBarInfo
ScreenToClient
EnumDisplaySettingsA

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae8b23f451199931da9aac7d07dadc04

Headers

File Characteristics

Imports

comdlg32

version

advapi32

kernel32

user32

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 17KB - Virtual size: 16KB