38b51f68622e0b525fb9c6913a57e9e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38b51f68622e0b525fb9c6913a57e9e8_JaffaCakes118
Size

65KB
MD5

38b51f68622e0b525fb9c6913a57e9e8
SHA1

72a776fb24d57b6b4987f7303fc99882492243ea
SHA256

0eac115fb06f40e2595afd1b6db198c02867c6e75e54e31f40691b9ad825e702
SHA512

ab97e683f34b34694c554818464b4e9c678870d447d7948a150e308631de3f98283d9073f2eecad41fa5e9e0f147c2f437d445c89b80f6683b7d295f9407ee5d
SSDEEP

1536:coNv0N3WwGuG4xT8OzHrQuJ4gzR8ZEY3x:KJGV4xT5zHUQ49

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38b51f68622e0b525fb9c6913a57e9e8_JaffaCakes118

Files

38b51f68622e0b525fb9c6913a57e9e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6632ad87cfeb5209be57afcda593ca7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput

DirectInputCreateEx
DirectInputCreateW
DirectInputCreateA

kernel32

ReadFile
lstrcpynA
WriteFile
UnmapViewOfFile
CloseHandle
ExitProcess
FreeResource
GetModuleHandleA
LeaveCriticalSection
LoadResource
OpenFile
SleepEx

ole32

OleInitialize
CreateStreamOnHGlobal
CreateFileMoniker
RegisterDragDrop
OleUninitialize
CreateDataAdviseHolder
CoFileTimeNow
CoGetClassObject
CoUninitialize
CoInitialize
CoRevokeClassObject
CoCreateInstance

dsound

DirectSoundCaptureEnumerateW
DirectSoundCaptureEnumerateA
DirectSoundCaptureCreate8
DirectSoundEnumerateW

user32

OemToCharW
MessageBoxIndirectA
LoadMenuA
CreateIcon
LoadIconA
IsCharLowerA
CopyRect
GetDlgItem
GetCursor
DispatchMessageA
DestroyCaret
DefDlgProcA
CreateIconFromResource
OffsetRect
CharUpperA
CharToOemBuffA
CharLowerA
BeginPaint
GetFocus
CharNextA

shell32

SHFileOperationA
Shell_NotifyIconA
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoA
SHGetDesktopFolder
SHBindToParent

msvfw32

DrawDibStop
DrawDibEnd
ICCompressorChoose
MCIWndCreateA
DrawDibDraw

Sections

.text
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6632ad87cfeb5209be57afcda593ca7

Headers

File Characteristics

Imports

dinput

kernel32

ole32

dsound

user32

shell32

msvfw32

Sections

.text Size: 30KB - Virtual size: 32KB

.rdata Size: 17KB - Virtual size: 20KB

.data Size: 7KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 30KB - Virtual size: 32KB

.rdata
Size: 17KB - Virtual size: 20KB

.data
Size: 7KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB