480f5c4083c00b6b4793c76211d014ee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

480f5c4083c00b6b4793c76211d014ee_JaffaCakes118
Size

173KB
MD5

480f5c4083c00b6b4793c76211d014ee
SHA1

397b9626ffc14adeea60923ff8da52f0b335075e
SHA256

d5ae43181c7b2f7ed3df61a9934e4044ba46933216d43bf32ea9c1b19851e1ea
SHA512

0e8a7e1108d54f94fba31abca31a7ac76b2a30e7e3c4bd69e992d6f823b4893db104d0f729967c938f766ed3af31f48eae70aa775fba9188c89d3d5cc9c3baf0
SSDEEP

3072:CvSdqV1ETuK98dtGL1v4Ss6JGnzXJEyHWazF0FrQN/irHK7Um9OFGk7XtjnqtpUo:CKIdML1v4R6MzJbH9h0WN6rHKAm0FltM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
480f5c4083c00b6b4793c76211d014ee_JaffaCakes118

Files

480f5c4083c00b6b4793c76211d014ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2401dc4df8dfaaf904396515f5631df8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

DeleteDC
EnumFontFamiliesExA
SaveDC
GetDeviceCaps
SetBkMode
CreateRectRgn
Rectangle
GetStockObject
CreateSolidBrush
SetTextColor
BitBlt
TextOutA
GetTextExtentPoint32A
DeleteMetaFile
SelectObject
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
DeleteObject
RestoreDC
CreateCompatibleBitmap

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegSetValueExA

user32

MoveWindow
LoadCursorA
SetWindowLongA
GetWindowInfo
GetSysColor
GetDlgItem
SetCursor
SetWindowPos
GetDC
FillRect
IsWindow
GetWindowLongA
ReleaseDC
ReleaseCapture
SetCapture

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

kernel32

SetTapePosition
GetVersion
ClearCommError
FindClose
GetCurrentProcessId
Sleep
EnumResourceNamesA
GetWindowsDirectoryA
FatalExit
InterlockedExchange
GetLocalTime
FindFirstFileA

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2401dc4df8dfaaf904396515f5631df8

Headers

File Characteristics

Imports

gdi32

advapi32

user32

ole32

version

shell32

kernel32

winmm

oleacc

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 27KB

.lib Size: 512B - Virtual size: 80KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 27KB

.lib
Size: 512B - Virtual size: 80KB