afc0b19317abebe44158ada6a68c9a17_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

afc0b19317abebe44158ada6a68c9a17_JaffaCakes118
Size

179KB
MD5

afc0b19317abebe44158ada6a68c9a17
SHA1

f1b5ac816261357bd913f2271fe2f37b62a8f44d
SHA256

1bc1fb0a2519915403eeab75d6c8286a339a26446378af42e14cb482c2ec08a5
SHA512

8bd92578247403bc4d1fec14ca94a1d2db51440953d46922a6ddd22c60e4819c85703dd495c479cf9ccaa2b3bb59378572f58a3bb313329a8d17257893ad47e9
SSDEEP

3072:lIotXDNcWCAV1yq5a459SF52TqlaeJTjvAqFwT:lIUXDeqvyTiSR3jvVF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afc0b19317abebe44158ada6a68c9a17_JaffaCakes118

Files

afc0b19317abebe44158ada6a68c9a17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

831e3302ac3a42ad2d5e83905cc16b3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

SetTapeParameters
GetVersion
ClearCommError
Sleep
GetCurrentProcessId
InterlockedExchange
EnumResourceNamesA
GetLocalTime
GetWindowsDirectoryA
ExitProcess
FindClose
FindFirstFileA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

user32

IsWindow
GetSysColor
GetWindowLongA
LoadCursorA
MoveWindow
GetDC
ReleaseDC
GetWindowInfo
SetWindowLongA
ReleaseCapture
GetDlgItem
SetWindowPos
FillRect
SetCursor
SetCapture

gdi32

DeleteMetaFile
GetObjectA
CreateFontIndirectA
Rectangle
SetTextColor
DeleteDC
DeleteObject
CreateSolidBrush
SetBkMode
BitBlt
RestoreDC
TextOutA
SelectObject
GetDeviceCaps
EnumFontFamiliesExA
SaveDC
CreateRectRgn
CreateCompatibleDC
GetStockObject
GetTextExtentPoint32A
CreateCompatibleBitmap

advapi32

RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

831e3302ac3a42ad2d5e83905cc16b3a

Headers

File Characteristics

Imports

oleacc

version

kernel32

ole32

shell32

user32

gdi32

advapi32

winmm

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 21KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 21KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 76KB