a1d97a73c373d7bfe096f6311123df30_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a1d97a73c373d7bfe096f6311123df30_JaffaCakes118
Size

177KB
MD5

a1d97a73c373d7bfe096f6311123df30
SHA1

7377f638bbc8fddad125d82dcdacb3144875b610
SHA256

7d2485f1e1d84c29867b1ffa7f95610a26d3c908d1493faa158faddd20bf786f
SHA512

b22da30c290df6affadf921bfb2d3ead4ffc735af3341ccfbed8c53a2d3ac10285e7d16e82f9c4ae1343c6a08d3f2c918fe7588d8e824bebfcde15421cef1d53
SSDEEP

3072:NZHRVAyMJ35TQ+1HxzKHpZQJDUORx/pDJHn4onyXJ1/kkLUoZ/:NjVSPbzKJZQJQ+pVYoeJ1TL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1d97a73c373d7bfe096f6311123df30_JaffaCakes118

Files

a1d97a73c373d7bfe096f6311123df30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f66b8236541aa399489ca605fd2348c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

kernel32

SetTapeParameters
InterlockedExchange
ClearCommError
FindClose
GetCurrentProcessId
GetWindowsDirectoryA
EnumResourceNamesA
GetLocalTime
ExitProcess
Sleep
GetVersion
FindFirstFileA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

advapi32

RegEnumKeyExA
RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

gdi32

CreateCompatibleDC
BitBlt
GetStockObject
CreateRectRgn
GetTextExtentPoint32A
Rectangle
GetObjectA
EnumFontFamiliesExA
SetBkMode
CreateFontIndirectA
DeleteDC
DeleteMetaFile
TextOutA
CreateSolidBrush
RestoreDC
SetTextColor
GetDeviceCaps
SaveDC
DeleteObject
SelectObject
CreateCompatibleBitmap

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

user32

LoadCursorA
SetCursor
GetWindowLongA
SetWindowLongA
GetDlgItem
ReleaseCapture
GetWindowInfo
MoveWindow
GetDC
IsWindow
SetWindowPos
ReleaseDC
FillRect
GetSysColor
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f66b8236541aa399489ca605fd2348c

Headers

File Characteristics

Imports

ole32

winmm

kernel32

shell32

advapi32

gdi32

version

user32

oleacc

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 19KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 19KB

.lib
Size: 512B - Virtual size: 76KB