375ef2b7e349561ae8eee45f7c762c3e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

375ef2b7e349561ae8eee45f7c762c3e_JaffaCakes118
Size

188KB
MD5

375ef2b7e349561ae8eee45f7c762c3e
SHA1

9d872ac32a401137c53fe4a6da8beb07e793028a
SHA256

681fe7dd2d3f8c05196ecabfcf5cafe03bf1795cef2f0821a7bb0dc1ed6d19d4
SHA512

c859605bc9f7a0be4dc1fdd826d61ebb693c7f252fe44ef58fa6666c61760575199a36032ec8ea077fad5e732e23a795c1551a5cdf0dec8fcbfe3dea7f11480f
SSDEEP

3072:QTSaJ22Emo4VEY7Ia6Cc9GGlVPNmRqKt3rDoRaSTZ8fMZYr2XYDokydjfksS6tpv:GSaJPEmo4WuV/c9lP4PtDXmZBZYqQobP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
375ef2b7e349561ae8eee45f7c762c3e_JaffaCakes118

Files

375ef2b7e349561ae8eee45f7c762c3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d613cbe6e61dfdbcde12c30ecead8b8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
FindClose
Sleep
GetVersion
InterlockedExchange
EnumResourceNamesA
GetLocalTime
ExitProcess
GetWindowsDirectoryA
FindFirstFileA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

gdi32

DeleteObject
CreateFontIndirectA
GetStockObject
BitBlt
GetDeviceCaps
SelectObject
SetTextColor
EnumFontFamiliesExA
DeleteMetaFile
GetTextExtentPoint32A
SaveDC
Rectangle
SetBkMode
TextOutA
CreateRectRgn
GetObjectA
CreateSolidBrush
CreateCompatibleDC
DeleteDC
RestoreDC
CreateCompatibleBitmap

user32

GetSysColor
SetCursor
SetWindowPos
GetDC
FillRect
GetWindowInfo
GetWindowLongA
SetWindowLongA
MoveWindow
LoadCursorA
ReleaseDC
IsWindow
GetDlgItem
ReleaseCapture
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d613cbe6e61dfdbcde12c30ecead8b8e

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

gdi32

user32

oleacc

ole32

winmm

version

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 24KB

.lib Size: 512B - Virtual size: 356KB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 24KB

.lib
Size: 512B - Virtual size: 356KB