2702fbb7d369022c12f5f8b3b9ca4e38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2702fbb7d369022c12f5f8b3b9ca4e38_JaffaCakes118
Size

198KB
MD5

2702fbb7d369022c12f5f8b3b9ca4e38
SHA1

cf0cc056e346fec17dd3f81b6ddc64433f63d376
SHA256

a0f7f466c5a13b3ea41768b024fa10714b8d45ee9d79f681e063884eeae0f6a8
SHA512

2246340594894b871ff19cdab9e8aab6542e6fcc6ed73bd9c2fbf6b22a53c64b6aab3fb1b504869e9d91709af915ec385839e154788287fdcf5f13975a9b1ba2
SSDEEP

3072:EneBdWhS/bT2OluVmTBjA75BDCKahMANLzq4LblqQbd7MTZO7trGNnYH7ieewPiD:bBdWs/emnhMOztLBqMNG9wOYinzFeW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2702fbb7d369022c12f5f8b3b9ca4e38_JaffaCakes118

Files

2702fbb7d369022c12f5f8b3b9ca4e38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05fa2a6b5bf3a39d2539568c4bbefd24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapePosition
GetWindowsDirectoryA
ClearCommError
GetVersion
GetLocalTime
GetCurrentProcessId
InterlockedExchange
EnumResourceNamesA
FindClose
FatalExit
Sleep
FindFirstFileA

user32

GetSysColor
SetWindowPos
FillRect
LoadCursorA
IsWindow
GetDC
SetWindowLongA
GetDlgItem
ReleaseCapture
MoveWindow
ReleaseDC
GetWindowLongA
SetCursor
GetWindowInfo
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

gdi32

DeleteObject
EnumFontFamiliesExA
CreateCompatibleDC
TextOutA
CreateRectRgn
BitBlt
Rectangle
CreateFontIndirectA
SetTextColor
GetDeviceCaps
SetBkMode
DeleteDC
GetStockObject
RestoreDC
GetTextExtentPoint32A
CreateSolidBrush
SaveDC
DeleteMetaFile
GetObjectA
SelectObject
CreateCompatibleBitmap

advapi32

RegCreateKeyExA
RegOpenKeyA
RegCloseKey
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05fa2a6b5bf3a39d2539568c4bbefd24

Headers

File Characteristics

Imports

kernel32

user32

oleacc

shell32

gdi32

advapi32

version

ole32

winmm

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 30KB - Virtual size: 29KB

.lib Size: 512B - Virtual size: 104KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 30KB - Virtual size: 29KB

.lib
Size: 512B - Virtual size: 104KB