1b593a35ea05d770842f049ff97dc09b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b593a35ea05d770842f049ff97dc09b_JaffaCakes118
Size

1.6MB
MD5

1b593a35ea05d770842f049ff97dc09b
SHA1

3f7eaeb8760b61455d615a343f1e5c04325f3ac4
SHA256

65dc8f70935747e8f9e7e1133fa6f9517ac0dbb7de8de5600983c06bc7d0fb6e
SHA512

d0d628643c9849046f294a25c2faa1e6253212b9e224e0917b447d289c667419362b7db3ce1790bbd49ad558c39fc02c16609786343967c20e410c17fd5dd38e
SSDEEP

24576:qkk/2RyU+53xrGIzzv9P/ccxiwF9+GnIr2dlhzHNQuEw9ftvc71ElQHMdFbF:yyk1Gszv/xQqdlNHNL9FEBUQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b593a35ea05d770842f049ff97dc09b_JaffaCakes118

Files

1b593a35ea05d770842f049ff97dc09b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c38b288015564f2e586ae78a60b398a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

GetKeyboardType
MessageBoxA

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

comdlg32

GetSaveFileNameA

winmm

waveOutUnprepareHeader

ws2_32

WSAAccept

msacm32

acmStreamUnprepareHeader

wsock32

WSACleanup

imagehlp

CheckSumMappedFile

Sections

ef#7*=Ct
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

W#WXp$FS
Size: - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Gcea.Qt;
Size: - Virtual size: 28KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oX(-@7l)
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Yb`#a$ZK
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

#w5hp&tK
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rPqi:o`
Size: - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

!G;]rNGN
Size: 6KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

7`C8]y?)
Size: - Virtual size: 642KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

%r'TGV%l
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

@?#:PS<Q
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c38b288015564f2e586ae78a60b398a3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

ole32

comctl32

shell32

comdlg32

winmm

ws2_32

msacm32

wsock32

imagehlp

Sections

ef#7*=Ct Size: - Virtual size: 1.2MB

W#WXp$FS Size: - Virtual size: 314KB

Gcea.Qt; Size: - Virtual size: 28KB

oX(-@7l) Size: - Virtual size: 12KB

Yb`#a$ZK Size: - Virtual size: 16B

#w5hp&tK Size: - Virtual size: 24B

.rPqi:o` Size: - Virtual size: 74KB

!G;]rNGN Size: 6KB - Virtual size: 37KB

7`C8]y?) Size: - Virtual size: 642KB

%r'TGV%l Size: 1.6MB - Virtual size: 1.6MB

@?#:PS<Q Size: 512B - Virtual size: 208B

ef#7*=Ct
Size: - Virtual size: 1.2MB

W#WXp$FS
Size: - Virtual size: 314KB

Gcea.Qt;
Size: - Virtual size: 28KB

oX(-@7l)
Size: - Virtual size: 12KB

Yb`#a$ZK
Size: - Virtual size: 16B

#w5hp&tK
Size: - Virtual size: 24B

.rPqi:o`
Size: - Virtual size: 74KB

!G;]rNGN
Size: 6KB - Virtual size: 37KB

7`C8]y?)
Size: - Virtual size: 642KB

%r'TGV%l
Size: 1.6MB - Virtual size: 1.6MB

@?#:PS<Q
Size: 512B - Virtual size: 208B