5598ba36f17be2e32d76786eb2d8474a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5598ba36f17be2e32d76786eb2d8474a_JaffaCakes118
Size

199KB
MD5

5598ba36f17be2e32d76786eb2d8474a
SHA1

4391ed5a2f656e35e8ffaa40a21ba622ea405142
SHA256

7a52f54bfacd9c43e02049505a7379a4ada349dc8b460cd7ae31969f5387e69b
SHA512

48d1cf644591e299b9168e82c1bc443aad1cac1711b562ee0c9c94ca6bdfebb6641ff51156fa34b47bcf898cde4a822d733543733c69921c7bc9c40f80c30007
SSDEEP

6144:USEdY7+LKg2ZQM1zoZdX96EwWGCMljF93D6dpdT:PE2ZZoZz6E/kjbzkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5598ba36f17be2e32d76786eb2d8474a_JaffaCakes118

Files

5598ba36f17be2e32d76786eb2d8474a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b84fc3d2e3cff3830f0d321b81bc83c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

gdi32

SaveDC
CreateCompatibleDC
DeleteDC
CreateRectRgn
EnumFontFamiliesExA
GetTextExtentPoint32A
CreateSolidBrush
GetDeviceCaps
CreateFontIndirectA
DeleteMetaFile
SetTextColor
RestoreDC
DeleteObject
BitBlt
Rectangle
GetObjectA
SelectObject
GetStockObject
TextOutA
SetBkMode
CreateCompatibleBitmap

advapi32

RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA

kernel32

SetTapeParameters
GetWindowsDirectoryA
ClearCommError
GetCurrentProcessId
Sleep
GetLocalTime
FindClose
EnumResourceNamesA
GetVersion
ExitProcess
InterlockedExchange
FindFirstFileA

user32

SetWindowLongA
GetWindowLongA
GetWindowInfo
GetDC
FillRect
MoveWindow
ReleaseCapture
LoadCursorA
GetDlgItem
SetWindowPos
IsWindow
SetCursor
ReleaseDC
GetSysColor
SetCapture

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b84fc3d2e3cff3830f0d321b81bc83c8

Headers

File Characteristics

Imports

version

oleacc

ole32

gdi32

advapi32

kernel32

user32

shell32

winmm

Sections

.text Size: 169KB - Virtual size: 168KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 26KB

.lib Size: 512B - Virtual size: 100KB

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 26KB

.lib
Size: 512B - Virtual size: 100KB