JaffaCakes118_67586c09ab6e5c7f83119ba6ace7682b

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_67586c09ab6e5c7f83119ba6ace7682b
Size

172KB
MD5

67586c09ab6e5c7f83119ba6ace7682b
SHA1

0f87f9b6fb52dad6a4abaa5ce512901b82f36bef
SHA256

6e445946a7c007df4ca43d3a06b030a4ca0087b1c7fe58dc3ba4788c36542e02
SHA512

58abbe71146eec681092d8f2c3ec015e3f5b3f7791effceefd6b254a22c471eff9d6ef0fcf9126730b609e38e036d679e1c424de7c9934bbe0b432e15af109d5
SSDEEP

3072:Gc0lKMkRoOsxvEbZa7vCEz8ukZ9qVRl2dcYxd+R5LHjoJa9vnWvco:X0AB7uqEguRVXAhxd+R5bV9vWvP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_67586c09ab6e5c7f83119ba6ace7682b

Files

JaffaCakes118_67586c09ab6e5c7f83119ba6ace7682b
.exe windows:4 windows x86 arch:x86

d75aebb2b0b0382c65cd7d79839ded80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

RestoreDC
GetTextExtentPoint32A
DeleteObject
GetObjectA
EnumFontFamiliesExA
SelectObject
CreateSolidBrush
DeleteMetaFile
DeleteDC
SetBkMode
SaveDC
Rectangle
BitBlt
CreateRectRgn
GetStockObject
CreateCompatibleDC
SetTextColor
CreateFontIndirectA
GetDeviceCaps
TextOutA
CreateCompatibleBitmap

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

advapi32

RegEnumKeyExA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA

user32

GetWindowLongA
GetWindowInfo
GetDlgItem
GetDC
LoadCursorA
SetWindowPos
ReleaseCapture
SetWindowLongA
IsWindow
SetCursor
GetSysColor
ReleaseDC
FillRect
MoveWindow
SetCapture

winmm

mciSendCommandA
sndPlaySoundA

kernel32

SetTapeParameters
GetCurrentProcessId
ClearCommError
Sleep
FindClose
GetWindowsDirectoryA
GetLocalTime
EnumResourceNamesA
ExitProcess
GetVersion
InterlockedExchange
FindFirstFileA

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d75aebb2b0b0382c65cd7d79839ded80

Headers

File Characteristics

Imports

gdi32

shell32

oleacc

ole32

version

advapi32

user32

winmm

kernel32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 29KB - Virtual size: 28KB

.lib Size: 512B - Virtual size: 80KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 29KB - Virtual size: 28KB

.lib
Size: 512B - Virtual size: 80KB