4ab43cb00d6a42457e54c4b2f7fa06c8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4ab43cb00d6a42457e54c4b2f7fa06c8_JaffaCakes118
Size

180KB
MD5

4ab43cb00d6a42457e54c4b2f7fa06c8
SHA1

cfb071f070349d69ae0ab44087d9a4f73da90b08
SHA256

d2975f2001a203288f886c1d4658ea259a5b503e2a208cae7ce7ccd8edd6d24e
SHA512

241db07d67c06d75c0c0c70111f3c41199bb4f719e54896bde77afead635fea632abdbae808883034c9ed7c149a243afd61d15e4b3935c9fd59da06ca9b82ca3
SSDEEP

3072:6CJ9hL38oNg7mrC3vUIgZxu9/ZNR33/2U7vvosyJqN:6CJ9J3n3W3ngZxE3/DN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ab43cb00d6a42457e54c4b2f7fa06c8_JaffaCakes118

Files

4ab43cb00d6a42457e54c4b2f7fa06c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

010ea2fc28837c7304e99a7dd6360657

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
Sleep
GetLocalTime
GetVersion
FindClose
EnumResourceNamesA
GetWindowsDirectoryA
ExitProcess
InterlockedExchange
FindFirstFileA

user32

IsWindow
GetDlgItem
ReleaseCapture
GetWindowInfo
GetSysColor
SetWindowPos
ReleaseDC
MoveWindow
SetCursor
LoadCursorA
FillRect
SetWindowLongA
GetDC
GetWindowLongA
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

winmm

mciSendCommandA
sndPlaySoundA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

advapi32

RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

gdi32

DeleteMetaFile
SaveDC
SetTextColor
BitBlt
Rectangle
DeleteObject
CreateSolidBrush
GetTextExtentPoint32A
GetStockObject
GetDeviceCaps
CreateFontIndirectA
CreateCompatibleDC
EnumFontFamiliesExA
CreateRectRgn
TextOutA
SetBkMode
RestoreDC
DeleteDC
SelectObject
GetObjectA
CreateCompatibleBitmap

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010ea2fc28837c7304e99a7dd6360657

Headers

File Characteristics

Imports

kernel32

user32

oleacc

shell32

winmm

ole32

advapi32

gdi32

version

Sections

.text Size: 155KB - Virtual size: 154KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 21KB - Virtual size: 20KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 155KB - Virtual size: 154KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 21KB - Virtual size: 20KB

.lib
Size: 512B - Virtual size: 76KB