25b1497aac715f56633f622fffbde9ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25b1497aac715f56633f622fffbde9ef_JaffaCakes118
Size

199KB
MD5

25b1497aac715f56633f622fffbde9ef
SHA1

dfebbb0a00ede5758a33008987812b051b0cbef5
SHA256

14d910a26228947263279a553398326917a182bcaf3887fd36b6c0032a414836
SHA512

c20e781e6ddb5cec6f28dad2125464e716061fc82b2e54e23f58beaa1b57d3116ebe211658f10d6b457b6273c93078b2b1cbf51576ad4cf19f391a6e878e7653
SSDEEP

6144:USEdY7+LKg2ZQM1zoZdX96EwWGCMljF93D6dpdT:PE2ZZoZz6E/kjbzkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25b1497aac715f56633f622fffbde9ef_JaffaCakes118

Files

25b1497aac715f56633f622fffbde9ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b84fc3d2e3cff3830f0d321b81bc83c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

gdi32

SaveDC
CreateCompatibleDC
DeleteDC
CreateRectRgn
EnumFontFamiliesExA
GetTextExtentPoint32A
CreateSolidBrush
GetDeviceCaps
CreateFontIndirectA
DeleteMetaFile
SetTextColor
RestoreDC
DeleteObject
BitBlt
Rectangle
GetObjectA
SelectObject
GetStockObject
TextOutA
SetBkMode
CreateCompatibleBitmap

advapi32

RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA

kernel32

SetTapeParameters
GetWindowsDirectoryA
ClearCommError
GetCurrentProcessId
Sleep
GetLocalTime
FindClose
EnumResourceNamesA
GetVersion
ExitProcess
InterlockedExchange
FindFirstFileA

user32

SetWindowLongA
GetWindowLongA
GetWindowInfo
GetDC
FillRect
MoveWindow
ReleaseCapture
LoadCursorA
GetDlgItem
SetWindowPos
IsWindow
SetCursor
ReleaseDC
GetSysColor
SetCapture

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b84fc3d2e3cff3830f0d321b81bc83c8

Headers

File Characteristics

Imports

version

oleacc

ole32

gdi32

advapi32

kernel32

user32

shell32

winmm

Sections

.text Size: 169KB - Virtual size: 168KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 26KB

.lib Size: 512B - Virtual size: 100KB

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 26KB

.lib
Size: 512B - Virtual size: 100KB