d843ed7797a1b6badb49e470fc1c3bf5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d843ed7797a1b6badb49e470fc1c3bf5_JaffaCakes118
Size

188KB
MD5

d843ed7797a1b6badb49e470fc1c3bf5
SHA1

52677bf39bf135cc1ba20bf977a9d7a66380a275
SHA256

bcc0d4497e6ac32a89d86f2c74576f8e9d6b0fb2c2cc1de9c990da62efbf0c4d
SHA512

52ccc0c1f91c3fa40792b6de56739d06841970b05545a95b1def99c7ff19d110fc461ccc50f6d0362f4787944d8e7c34067d9ac3b14850affed251e1e1ebc7c0
SSDEEP

3072:QTSaJ22Emo4VEY7Ia6Cc9GGlVPNmRqKt3rDoRaSTZ8fMZYr2XYDokydjfksS6tpv:GSaJPEmo4WuV/c9lP4PtDXmZBZYqQobP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d843ed7797a1b6badb49e470fc1c3bf5_JaffaCakes118

Files

d843ed7797a1b6badb49e470fc1c3bf5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d613cbe6e61dfdbcde12c30ecead8b8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
FindClose
Sleep
GetVersion
InterlockedExchange
EnumResourceNamesA
GetLocalTime
ExitProcess
GetWindowsDirectoryA
FindFirstFileA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

gdi32

DeleteObject
CreateFontIndirectA
GetStockObject
BitBlt
GetDeviceCaps
SelectObject
SetTextColor
EnumFontFamiliesExA
DeleteMetaFile
GetTextExtentPoint32A
SaveDC
Rectangle
SetBkMode
TextOutA
CreateRectRgn
GetObjectA
CreateSolidBrush
CreateCompatibleDC
DeleteDC
RestoreDC
CreateCompatibleBitmap

user32

GetSysColor
SetCursor
SetWindowPos
GetDC
FillRect
GetWindowInfo
GetWindowLongA
SetWindowLongA
MoveWindow
LoadCursorA
ReleaseDC
IsWindow
GetDlgItem
ReleaseCapture
SetCapture

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d613cbe6e61dfdbcde12c30ecead8b8e

Headers

File Characteristics

Imports

kernel32

shell32

advapi32

gdi32

user32

oleacc

ole32

winmm

version

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 24KB

.lib Size: 512B - Virtual size: 356KB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 24KB

.lib
Size: 512B - Virtual size: 356KB