df31cff2d8ac144efd2ac5eeba14f27e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

df31cff2d8ac144efd2ac5eeba14f27e_JaffaCakes118
Size

197KB
MD5

df31cff2d8ac144efd2ac5eeba14f27e
SHA1

af17395efb7d677962daa589ad035240d96098f2
SHA256

bb3598874075cdc293c0aaa900b2efa29ff79c2adf3137da621544aaf8bdcaf6
SHA512

8332dfe419738f31b11b7c2db3e9e6edd7603df477aa18b2ce30b3dc7a9f667d1e0e61ba8de65c234e780141084582d0bc7f19de0ff37b681b4555b2946654d6
SSDEEP

6144:ZhGOF3Gh261K8G+mmWgGajCAB/rZmID2pNw:ZhGig1G0GajCAB/IDpNw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df31cff2d8ac144efd2ac5eeba14f27e_JaffaCakes118

Files

df31cff2d8ac144efd2ac5eeba14f27e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4871c6225a710aeda9451ed5e8336f45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
Sleep
GetWindowsDirectoryA
GetLocalTime
FindClose
EnumResourceNamesA
ExitProcess
GetVersion
InterlockedExchange
FindFirstFileA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

LoadCursorA
FillRect
ReleaseCapture
GetDlgItem
SetWindowLongA
IsWindow
GetWindowLongA
GetWindowInfo
SetCursor
SetWindowPos
MoveWindow
ReleaseDC
GetDC
GetSysColor
SetCapture

advapi32

RegOpenKeyExA
RegOpenKeyA
RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

winmm

mciSendCommandA
sndPlaySoundA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

gdi32

Rectangle
SelectObject
SetTextColor
SetBkMode
DeleteDC
DeleteObject
CreateCompatibleDC
GetObjectA
BitBlt
GetDeviceCaps
CreateFontIndirectA
DeleteMetaFile
CreateSolidBrush
SaveDC
TextOutA
GetTextExtentPoint32A
EnumFontFamiliesExA
CreateRectRgn
RestoreDC
GetStockObject
CreateCompatibleBitmap

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4871c6225a710aeda9451ed5e8336f45

Headers

File Characteristics

Imports

kernel32

shell32

oleacc

user32

advapi32

winmm

version

gdi32

ole32

Sections

.text Size: 161KB - Virtual size: 161KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 32KB - Virtual size: 31KB

.lib Size: 512B - Virtual size: 104KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 32KB - Virtual size: 31KB

.lib
Size: 512B - Virtual size: 104KB