9cda6cfd67bb1adea609a7529ff5f279_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9cda6cfd67bb1adea609a7529ff5f279_JaffaCakes118
Size

173KB
MD5

9cda6cfd67bb1adea609a7529ff5f279
SHA1

fb10ec9626b75287188c7b9ab3b843cc0300dc09
SHA256

cf57c75e84e9657a73f4f4a6c92b5a2acc8564c3c036c8c81835b5693b470ed4
SHA512

fb5cbaf294056c74b01ae326e2a986d7a1e794b8ba8bc1325448341229409fb665873ad2fb81773182615e98a4efdbc1e403ede6ee8c8bf5dae491b1a12204af
SSDEEP

3072:CvSdqV1ETuK98dtGL1v4Ss6JGnzXJEyHWazF0FrQN/irHK7Um9OFGk7XtjnqtpUo:CKIdML1v4R6MzJbH9h0WN6rHKAm0FltM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9cda6cfd67bb1adea609a7529ff5f279_JaffaCakes118

Files

9cda6cfd67bb1adea609a7529ff5f279_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2401dc4df8dfaaf904396515f5631df8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

DeleteDC
EnumFontFamiliesExA
SaveDC
GetDeviceCaps
SetBkMode
CreateRectRgn
Rectangle
GetStockObject
CreateSolidBrush
SetTextColor
BitBlt
TextOutA
GetTextExtentPoint32A
DeleteMetaFile
SelectObject
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
DeleteObject
RestoreDC
CreateCompatibleBitmap

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey
RegSetValueExA

user32

MoveWindow
LoadCursorA
SetWindowLongA
GetWindowInfo
GetSysColor
GetDlgItem
SetCursor
SetWindowPos
GetDC
FillRect
IsWindow
GetWindowLongA
ReleaseDC
ReleaseCapture
SetCapture

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

kernel32

SetTapePosition
GetVersion
ClearCommError
FindClose
GetCurrentProcessId
Sleep
EnumResourceNamesA
GetWindowsDirectoryA
FatalExit
InterlockedExchange
GetLocalTime
FindFirstFileA

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2401dc4df8dfaaf904396515f5631df8

Headers

File Characteristics

Imports

gdi32

advapi32

user32

ole32

version

shell32

kernel32

winmm

oleacc

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 27KB

.lib Size: 512B - Virtual size: 80KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 27KB

.lib
Size: 512B - Virtual size: 80KB