JaffaCakes118_148ac484c89df27a5a766c954ae361f9

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_148ac484c89df27a5a766c954ae361f9
Size

178KB
MD5

148ac484c89df27a5a766c954ae361f9
SHA1

a76406d0d20bca331b6310d25abd86a0e6c9f2be
SHA256

6a3c0b2f9a5378997508abfc9f5faa733f34c388265594be563fb096fc7937ce
SHA512

e2eee495826673beffd1dff60c37a6ab318ed2676583e52275c2f0ee10b6a7448929e4d3c0d224d776af1d77f0362faebc173688a642a9ca75aa0004e33eb8ab
SSDEEP

3072:s61jUe7LdHTNkbi12FMZ8/R4o4bQpGSOBYamGLd+9q9mLkOkl1kDtq+zIkWd3NIj:swjUoVJz12iu/R4HSOBQGx6krj+z6Nq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_148ac484c89df27a5a766c954ae361f9

Files

JaffaCakes118_148ac484c89df27a5a766c954ae361f9
.exe windows:4 windows x86 arch:x86

222bcb06af935cdde3621cb862380edd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegCloseKey
RegDeleteKeyA
RegSetValueExA

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

GetWindowLongA
ReleaseCapture
GetDC
ReleaseDC
MoveWindow
SetWindowLongA
GetSysColor
SetWindowPos
GetDlgItem
SetCursor
GetWindowInfo
FillRect
LoadCursorA
IsWindow
SetCapture

kernel32

SetTapeParameters
Sleep
ClearCommError
GetVersion
GetLocalTime
GetWindowsDirectoryA
EnumResourceNamesA
FindClose
ExitProcess
InterlockedExchange
GetCurrentProcessId
FindFirstFileA

gdi32

Rectangle
BitBlt
CreateRectRgn
CreateCompatibleDC
GetTextExtentPoint32A
DeleteObject
SelectObject
CreateSolidBrush
TextOutA
SetTextColor
DeleteDC
CreateFontIndirectA
EnumFontFamiliesExA
RestoreDC
GetObjectA
GetStockObject
GetDeviceCaps
SetBkMode
SaveDC
DeleteMetaFile
CreateCompatibleBitmap

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winmm

mciSendCommandA
sndPlaySoundA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

222bcb06af935cdde3621cb862380edd

Headers

File Characteristics

Imports

advapi32

oleacc

user32

kernel32

gdi32

ole32

version

winmm

shell32

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 20KB

.lib Size: 512B - Virtual size: 72KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 20KB

.lib
Size: 512B - Virtual size: 72KB