2a18ec79050da69d06d4a9047f327c04_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a18ec79050da69d06d4a9047f327c04_JaffaCakes118
Size

59KB
MD5

2a18ec79050da69d06d4a9047f327c04
SHA1

082d2c0574277502c53bb40e68e356e8d97377c0
SHA256

0221d08d463da67745d0d4f8fcd92e67faca6871f20c7f8bae80fe6623afa239
SHA512

54a26ef6cdf3bbb73a1e177939ae3ebb260050029248ba3090304e5f5c8fe9aeaad3bf15cc1498aacc00a09d57ebad053767672729c9f019de936c37ae836e67
SSDEEP

768:/AiXfj4mVXiDK1wA2+6fMFwkLIB3LgxPBgom5FvANxear7vDEpD85QDqJf2869Rd:Y6EmVBKNMFw4ItE8var7L8Y5MqtODd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a18ec79050da69d06d4a9047f327c04_JaffaCakes118

Files

2a18ec79050da69d06d4a9047f327c04_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d9c6bfac4cd9706c4e790f1e131312fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindow
GetSysColorBrush
DestroyMenu
SetWindowLongW
GetSysColor
DispatchMessageW
GetWindowLongW
InvalidateRect
GetDlgItem
GetCursorPos
PtInRect
DrawIcon
CheckMenuItem
GetSystemMetrics
LoadStringA
SetWindowRgn
LoadBitmapA
OffsetRect
GetDlgItemTextW
MoveWindow
CheckRadioButton
GetWindowRect
SetTimer
IsIconic
TrackPopupMenu

gdi32

DeleteObject
GetMapMode
OffsetWindowOrgEx
SetDIBColorTable
SetEnhMetaFileBits
GetTextExtentPointW
SetTextColor
PlayEnhMetaFile
OffsetViewportOrgEx
CreateSolidBrush
GetTextMetricsW
DeleteDC
CreateHalftonePalette
PlayMetaFileRecord
CreateICW
GetClipRgn
GetWindowOrgEx
SetICMMode
GetDeviceCaps
Escape

BeginPath
GDI32.dll
SetTextAlign
DrawEscape
SetROP2
UpdateColors
version.dll
SetBoundsRect
msvcrt.dll

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA

msvcrt

_mbsicmp
_ftol
_itoa
wcstol
_wtol
abort
_timezone
__p__commode
fputs
_wcsnicmp
__setusermatherr
time
strrchr
_mbscmp
_chsize
_iob
__getmainargs
fprintf
memmove
realloc
wcslen
_purecall
swscanf
_wsplitpath
atol
malloc

ntdll

RtlIntegerToUnicodeString
RtlCopyUnicodeString
NtQueryVolumeInformationFile
RtlCreateAcl
NtQueryInformationProcess
NtQueryInformationToken
RtlFreeAnsiString
RtlEqualUnicodeString
RtlInitAnsiString
RtlAnsiStringToUnicodeString
NtCreateEvent
NtFsControlFile
RtlGetNtProductType
RtlInitUnicodeString

kernel32

ExitProcess
SearchPathA
VirtualFree
LockResource
CreateFileW
GetVersionExA
ReleaseMutex
ProcessIdToSessionId
GetSystemTimeAsFileTime
LeaveCriticalSection
InterlockedCompareExchange
lstrcmpiW
VirtualAlloc
GetModuleHandleA
CopyFileA
CreateProcessA
GetLastError
LCMapStringA
GetStringTypeA
CreateFileA
SetPriorityClass
lstrcpyA
FreeLibrary
ExpandEnvironmentStringsA
GetACP
HeapAlloc
GetFileSize
GetModuleHandleW
GetThreadTimes
GetShortPathNameW
GlobalLock
Sleep

advapi32

RegDeleteKeyW
RegCreateKeyExW
CloseServiceHandle
RegQueryInfoKeyA
RegQueryValueW
GetSecurityDescriptorControl
FreeSid
EqualSid
RegEnumKeyExW
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
RegEnumValueW
RegOpenKeyW
RegCreateKeyW
RegDeleteKeyA
LookupAccountSidW
RegFlushKey
RegCreateKeyExA
LockServiceDatabase
RegEnumKeyExA
ChangeServiceConfigA
AllocateAndInitializeSid
LookupPrivilegeValueA
RegDeleteValueW

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9c6bfac4cd9706c4e790f1e131312fc

Headers

File Characteristics

Imports

user32

gdi32

version

msvcrt

ntdll

kernel32

advapi32

Sections

.text Size: 38KB - Virtual size: 38KB

.data Size: 2KB - Virtual size: 1KB

.rdata Size: 12KB - Virtual size: 27KB

.idata Size: 5KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 38KB - Virtual size: 38KB

.data
Size: 2KB - Virtual size: 1KB

.rdata
Size: 12KB - Virtual size: 27KB

.idata
Size: 5KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 16B