e4129dd49a25fed941390c3c868a00b6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e4129dd49a25fed941390c3c868a00b6_JaffaCakes118
Size

189KB
MD5

e4129dd49a25fed941390c3c868a00b6
SHA1

fef286ad794c1030b0d13c35352f955a9675e3e7
SHA256

b97ce8b785b7796c78e436357781c54c139750744a2e48221c5e11291df644dd
SHA512

68c692c3a2fea5130c43f4fbdaf36f18f67719b44f2ac558c8ed32fec80e010ce3dac3848c62054907671d356707e155d33d2e2fd5a7497d1e0c65e224f873d3
SSDEEP

3072:XhYBm4OJInA3dDresjpTliQEZoSbzj4za1uJTNUGe18XtkOxgxxNWTrCIIgm:XhOm4AInA3dXeSVUQEZ/bzolzVVO8q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e4129dd49a25fed941390c3c868a00b6_JaffaCakes118

Files

e4129dd49a25fed941390c3c868a00b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85f05b26be6fbab2bba116cbfcb6698e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

SetTapeParameters
InterlockedExchange
ClearCommError
FindClose
Sleep
GetWindowsDirectoryA
EnumResourceNamesA
GetVersion
GetLocalTime
ExitProcess
GetCurrentProcessId
FindFirstFileA

gdi32

GetStockObject
CreateFontIndirectA
CreateRectRgn
CreateSolidBrush
TextOutA
GetObjectA
GetTextExtentPoint32A
Rectangle
SetTextColor
RestoreDC
SetBkMode
SaveDC
DeleteDC
GetDeviceCaps
DeleteMetaFile
BitBlt
EnumFontFamiliesExA
DeleteObject
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap

user32

ReleaseDC
SetWindowPos
MoveWindow
SetWindowLongA
GetDC
IsWindow
FillRect
GetDlgItem
LoadCursorA
GetWindowInfo
ReleaseCapture
GetSysColor
SetCursor
GetWindowLongA
SetCapture

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegOpenKeyA
RegSetValueExA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85f05b26be6fbab2bba116cbfcb6698e

Headers

File Characteristics

Imports

ole32

winmm

oleacc

kernel32

gdi32

user32

version

advapi32

shell32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 29KB - Virtual size: 29KB

.lib Size: 512B - Virtual size: 232KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 29KB - Virtual size: 29KB

.lib
Size: 512B - Virtual size: 232KB