f8a3e16655064047f563909ea5e52a2c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f8a3e16655064047f563909ea5e52a2c_JaffaCakes118
Size

186KB
MD5

f8a3e16655064047f563909ea5e52a2c
SHA1

6c7ce5f8326e35d370eab49cacf123cd8981ac8d
SHA256

b2da32e33435a9f1fafb1543caedbc801eb724e27c7ee2cad8632d4f08936395
SHA512

f7fec25e61d8847090bd72e2859c1a15553c16fd8e797248f55ec88c9814fbd902bc6539482844005605535a49e5a63f4b23b9ed9da43aa1e44d37098b11cbff
SSDEEP

3072:gZJTJ/b0p/7fmFcOakMuxzKhqIsNyerGlOjkJNrCPn9ad+xZSzdJt4gaS6I0:gZH/b0p/ieOkuxzsqnNySG2+NuPn9adb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8a3e16655064047f563909ea5e52a2c_JaffaCakes118

Files

f8a3e16655064047f563909ea5e52a2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf9c8363d18d43f3a0002c26fee2168c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mciSendCommandA
sndPlaySoundA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
InterlockedExchange
Sleep
GetLocalTime
EnumResourceNamesA
FindClose
GetVersion
ExitProcess
GetWindowsDirectoryA
FindFirstFileA

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

SetTextColor
SetBkMode
CreateSolidBrush
GetDeviceCaps
GetObjectA
RestoreDC
EnumFontFamiliesExA
CreateRectRgn
SelectObject
GetTextExtentPoint32A
TextOutA
GetStockObject
CreateFontIndirectA
DeleteMetaFile
CreateCompatibleDC
Rectangle
SaveDC
DeleteObject
BitBlt
DeleteDC
CreateCompatibleBitmap

user32

SetCursor
ReleaseDC
IsWindow
MoveWindow
ReleaseCapture
GetSysColor
FillRect
SetWindowLongA
GetWindowLongA
GetDlgItem
LoadCursorA
SetWindowPos
GetWindowInfo
GetDC
SetCapture

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf9c8363d18d43f3a0002c26fee2168c

Headers

File Characteristics

Imports

winmm

ole32

shell32

kernel32

oleacc

advapi32

version

gdi32

user32

Sections

.text Size: 160KB - Virtual size: 160KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 22KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 220KB

.text
Size: 160KB - Virtual size: 160KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 22KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 220KB