8ab1c7c046ad031e8a5702c8d2afac18_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ab1c7c046ad031e8a5702c8d2afac18_JaffaCakes118
Size

192KB
MD5

8ab1c7c046ad031e8a5702c8d2afac18
SHA1

b5198a299de3df0a9e1ef4bd161760e3319b991e
SHA256

17b0be1cf772b80139f4b1b429fa33105c73020ad47da7206586ec69e32bb3f5
SHA512

6b57b7ef9d9f1a8e73a1379078aef9dea9b770ade780ab134685d85c8057357db7b7b673aeaf0cbb7ce3d4f1e5c192e3ef39aa25e98c073ed8275c6eb6a10f0c
SSDEEP

3072:CgIUkEId9mBXyPMr49tKsiX8ogAICwgfBVpwrACgo3cZk6yZ/Ab9tvEK8u17rkps:wUk8gY4tKr8XAIiZ/QcZBytAb9aMYe1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ab1c7c046ad031e8a5702c8d2afac18_JaffaCakes118

Files

8ab1c7c046ad031e8a5702c8d2afac18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

406600688c7cc4362b1020b99270e7dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

kernel32

SetTapeParameters
InterlockedExchange
ClearCommError
Sleep
GetCurrentProcessId
GetWindowsDirectoryA
EnumResourceNamesA
GetLocalTime
FindClose
ExitProcess
GetVersion
FindFirstFileA

user32

SetWindowPos
SetWindowLongA
ReleaseCapture
GetWindowInfo
SetCursor
GetWindowLongA
GetDC
MoveWindow
ReleaseDC
IsWindow
GetSysColor
LoadCursorA
FillRect
GetDlgItem
SetCapture

winmm

mciSendCommandA
sndPlaySoundA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

gdi32

RestoreDC
CreateSolidBrush
SelectObject
TextOutA
SaveDC
SetTextColor
Rectangle
GetObjectA
GetTextExtentPoint32A
CreateCompatibleDC
GetStockObject
BitBlt
CreateRectRgn
SetBkMode
CreateFontIndirectA
DeleteDC
EnumFontFamiliesExA
GetDeviceCaps
DeleteMetaFile
DeleteObject
CreateCompatibleBitmap

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegEnumKeyExA
RegSetValueExA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

406600688c7cc4362b1020b99270e7dd

Headers

File Characteristics

Imports

version

ole32

kernel32

user32

winmm

shell32

gdi32

advapi32

oleacc

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 23KB

.lib Size: 512B - Virtual size: 232KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 23KB

.lib
Size: 512B - Virtual size: 232KB