ef8913924aa338b5a3cae3f01e907e75_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ef8913924aa338b5a3cae3f01e907e75_JaffaCakes118
Size

169KB
MD5

ef8913924aa338b5a3cae3f01e907e75
SHA1

9da1aab2560d09c545a3743bfb10d4186027ac07
SHA256

d9d68d898dd9677a7d979389e5bbb136764de23b2f98fb3c5d35574c33abacdd
SHA512

3f613568abcf4b75fc672a834cbdfcff9a4a6674a1e7789d1d093443914fa422de1a69ec9c954c3516f0113e5ed5138cf9ac14f7321ba8c784948f19105c3950
SSDEEP

3072:1RvGVZmEPb7Zyb2dUxjlFjtPTQHLDskp1eWZ6DuTKV6NZTJ7TyZufDqj:DvAPb7ZmvlBtuLwqeWZJTb9yZ8Dqj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef8913924aa338b5a3cae3f01e907e75_JaffaCakes118

Files

ef8913924aa338b5a3cae3f01e907e75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69dee44f4bf17e77eb400a7d90d5125a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

ole32

CoInitialize
CoInitializeEx
CoRevokeClassObject
CoUninitialize
CoRegisterClassObject
CoFreeUnusedLibraries
CLSIDFromString
CoCreateInstance
GetRunningObjectTable
StringFromGUID2
CreateItemMoniker
CreateStreamOnHGlobal
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueA
RegEnumKeyExA

kernel32

HeapFree
ReleaseSemaphore
CreateFileW
SetEvent
LoadResource
lstrlenA
WaitForMultipleObjects
CreateEventA
InterlockedIncrement
ResetEvent
GetTapeParameters
Sleep
MultiByteToWideChar
WideCharToMultiByte
VirtualAlloc
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSection
GlobalAlloc
ClearCommError
SetThreadPriority
GetCurrentThread
LocalFree
GetSystemInfo
CloseHandle
TerminateThread
EnumResourceNamesA
GetACP
EnterCriticalSection
GetCurrentProcessId
ResumeThread
IsBadReadPtr
FreeLibrary
DisableThreadLibraryCalls
GetExitCodeThread
VirtualFree
GetModuleFileNameW
IsBadWritePtr
LoadLibraryW
GetProcAddress
GetSystemTimeAsFileTime
GetModuleFileNameA
CreateSemaphoreA
ReleaseMutex
FindResourceA
GetProcessHeap
FatalExit
GetCurrentThreadId
CreateMutexA
GetSystemTime
LockResource
GetThreadPriority
GetVersionExA
GetLastError
InterlockedDecrement
WaitForSingleObject
CreateThread
GetTickCount
QueryPerformanceCounter
LeaveCriticalSection
ExitProcess

user32

RegisterWindowMessageA
wvsprintfA
CopyRect
MsgWaitForMultipleObjects
GetMessageA
PostThreadMessageA
wsprintfA
CreateWindowExA
DispatchMessageA
LoadStringA
RegisterClassA
GetQueueStatus
MonitorFromWindow
PeekMessageA
DestroyWindow

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69dee44f4bf17e77eb400a7d90d5125a

Headers

File Characteristics

Imports

winmm

ole32

oleacc

advapi32

kernel32

user32

shell32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 53KB - Virtual size: 52KB

.lib Size: 512B - Virtual size: 92KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 53KB - Virtual size: 52KB

.lib
Size: 512B - Virtual size: 92KB