2e35edaa58c6c9d60d57ac5b1e809942_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e35edaa58c6c9d60d57ac5b1e809942_JaffaCakes118
Size

199KB
MD5

2e35edaa58c6c9d60d57ac5b1e809942
SHA1

4321b3386bb0d7119456138e305167713f1d3a0b
SHA256

99b2c6d5a52df44d5bb5750a5a0ca7d7f1b80aea1e886ae0b124fca341e4d931
SHA512

664b34ba7bd7d104c4a72206c1f472f20b5ca8bec1c51beb52e8c612182c678a8437e6debcce9d3eba952e962018ec0e04a155e31e24f7759fcaced8aa6096d7
SSDEEP

6144:YfK8JJ5deDZLTxdpJUulU6p8kCvdY+ynwFA72dmT:8K8RYDJG62kC1Y+ynr2C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e35edaa58c6c9d60d57ac5b1e809942_JaffaCakes118

Files

2e35edaa58c6c9d60d57ac5b1e809942_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6efeece7445b135b854675cf7a017852

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

EnumFontFamiliesExA
TextOutA
GetStockObject
DeleteMetaFile
GetObjectA
SetTextColor
CreateFontIndirectA
BitBlt
SelectObject
GetTextExtentPoint32A
SetBkMode
DeleteDC
CreateCompatibleDC
SaveDC
GetDeviceCaps
CreateRectRgn
Rectangle
DeleteObject
CreateSolidBrush
RestoreDC
CreateCompatibleBitmap

user32

SetWindowPos
GetWindowInfo
GetDlgItem
IsWindow
FillRect
ReleaseDC
SetCursor
GetSysColor
ReleaseCapture
LoadCursorA
GetWindowLongA
MoveWindow
GetDC
SetWindowLongA
SetCapture

kernel32

SetTapeParameters
GetLocalTime
ClearCommError
Sleep
FindClose
GetWindowsDirectoryA
EnumResourceNamesA
GetCurrentProcessId
ExitProcess
GetVersion
InterlockedExchange
FindFirstFileA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winmm

mciSendCommandA
sndPlaySoundA

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6efeece7445b135b854675cf7a017852

Headers

File Characteristics

Imports

gdi32

user32

kernel32

advapi32

oleacc

shell32

version

winmm

ole32

Sections

.text Size: 167KB - Virtual size: 167KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 27KB - Virtual size: 27KB

.lib Size: 512B - Virtual size: 104KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 27KB - Virtual size: 27KB

.lib
Size: 512B - Virtual size: 104KB