308daf7217beee0a6ba9fd0eab8faa42_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

308daf7217beee0a6ba9fd0eab8faa42_JaffaCakes118
Size

178KB
MD5

308daf7217beee0a6ba9fd0eab8faa42
SHA1

ebc98acb37aef5820c5e701011ffe610a561fed6
SHA256

7d2a2be3656b0b6c21d5a8d021e034e7690d0781299179672f9d4b80a852d769
SHA512

5bc457edf54dfdadc5671d14f8d6df7754fecda505480009a4b748569f649f6fbfc206dd3cadd8622d30e1f15333e96835eec9abb971e7b219ead1fb63236f4f
SSDEEP

3072:97B9kcuss1TrYHXtzVNho+opqRTj6dQ5TONpYzqF9or0/L9U9BR2RD4oXl+7WI:ZHuJrIforpqRCdQRYp45IzsmdV+R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/muzyika__na_teplohode_muzyika_igraet.exe

Files

308daf7217beee0a6ba9fd0eab8faa42_JaffaCakes118
.zip
muzyika__na_teplohode_muzyika_igraet.exe
.exe windows:4 windows x86 arch:x86

5cc99798277b0bbaeeddeb9eee21ce60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
VirtualAlloc
LoadLibraryA

user32

LoadIconA
LoadCursorW
LoadCursorA

msvcrt

__argv
toupper
_ftol
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
strncpy
_controlfp
__set_app_type
__p__fmode

advapi32

RegOpenKeyA
RegQueryValueExW

Sections

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata52
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata51
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata5
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ggg11
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggg10
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggg9
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggg8
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggg7
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ggg6
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
readme.txt

Sharing

General

Malware Config

Signatures

Files

5cc99798277b0bbaeeddeb9eee21ce60

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

Sections

.data Size: 1024B - Virtual size: 1KB

.rdata52 Size: 30KB - Virtual size: 30KB

.rdata51 Size: 1024B - Virtual size: 1000B

.rdata5 Size: 184KB - Virtual size: 184KB

.text Size: 4KB - Virtual size: 3KB

ggg11 Size: 2KB - Virtual size: 1KB

ggg10 Size: 2KB - Virtual size: 1KB

ggg9 Size: 2KB - Virtual size: 1KB

ggg8 Size: 2KB - Virtual size: 1KB

ggg7 Size: 2KB - Virtual size: 1KB

ggg6 Size: 2KB - Virtual size: 2KB

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 512B - Virtual size: 48KB

.data
Size: 1024B - Virtual size: 1KB

.rdata52
Size: 30KB - Virtual size: 30KB

.rdata51
Size: 1024B - Virtual size: 1000B

.rdata5
Size: 184KB - Virtual size: 184KB

.text
Size: 4KB - Virtual size: 3KB

ggg11
Size: 2KB - Virtual size: 1KB

ggg10
Size: 2KB - Virtual size: 1KB

ggg9
Size: 2KB - Virtual size: 1KB

ggg8
Size: 2KB - Virtual size: 1KB

ggg7
Size: 2KB - Virtual size: 1KB

ggg6
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 512B - Virtual size: 48KB