292d70e08d500412ccabfd883f6e7f39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

292d70e08d500412ccabfd883f6e7f39_JaffaCakes118
Size

177KB
MD5

292d70e08d500412ccabfd883f6e7f39
SHA1

f6bc6df7da60cc166f1e1e80b6761da9e13d9192
SHA256

ce678a4c4dc9a4e90ba0ee2d57670ee5b3e3229d94bfe4b1ca71b195ba1a403d
SHA512

e925833db858fc541ecfe935e42913ca979476942e28cd440a33c32252af2529a35bcca7b625b745e628b71ab5a0595253c44ad4b4bf62476181af31c45e9a46
SSDEEP

3072:NZHRVAyMJ35TQ+1HxzKHpZQJDUORx/pDJHn4onyXJ1/kkLUoZ/:NjVSPbzKJZQJQ+pVYoeJ1TL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
292d70e08d500412ccabfd883f6e7f39_JaffaCakes118

Files

292d70e08d500412ccabfd883f6e7f39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f66b8236541aa399489ca605fd2348c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

kernel32

SetTapeParameters
InterlockedExchange
ClearCommError
FindClose
GetCurrentProcessId
GetWindowsDirectoryA
EnumResourceNamesA
GetLocalTime
ExitProcess
Sleep
GetVersion
FindFirstFileA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

advapi32

RegEnumKeyExA
RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

gdi32

CreateCompatibleDC
BitBlt
GetStockObject
CreateRectRgn
GetTextExtentPoint32A
Rectangle
GetObjectA
EnumFontFamiliesExA
SetBkMode
CreateFontIndirectA
DeleteDC
DeleteMetaFile
TextOutA
CreateSolidBrush
RestoreDC
SetTextColor
GetDeviceCaps
SaveDC
DeleteObject
SelectObject
CreateCompatibleBitmap

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

user32

LoadCursorA
SetCursor
GetWindowLongA
SetWindowLongA
GetDlgItem
ReleaseCapture
GetWindowInfo
MoveWindow
GetDC
IsWindow
SetWindowPos
ReleaseDC
FillRect
GetSysColor
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f66b8236541aa399489ca605fd2348c

Headers

File Characteristics

Imports

ole32

winmm

kernel32

shell32

advapi32

gdi32

version

user32

oleacc

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 19KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 19KB

.lib
Size: 512B - Virtual size: 76KB