JaffaCakes118_6acba1b2c9296394ac9065daf88da511

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6acba1b2c9296394ac9065daf88da511
Size

179KB
MD5

6acba1b2c9296394ac9065daf88da511
SHA1

3421dff8f94190ff63f7037776ac0c7a68598024
SHA256

4c2bafb2d4176e927a84c61f86305ad04ad48f69bc0d59960e9b2a3eeea187be
SHA512

6543e93de70c1da8ae4d6f022e65a9e659eff8023e23fd72f09cf9852bf50be85b230dff8cd3eaca7b67bfe8b16791f608a0a8295ca31b9a83f2c455fa556737
SSDEEP

3072:lIotXDNcWCAV1yq5a459SF52TqlaeJTjvAqFwT:lIUXDeqvyTiSR3jvVF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6acba1b2c9296394ac9065daf88da511

Files

JaffaCakes118_6acba1b2c9296394ac9065daf88da511
.exe windows:4 windows x86 arch:x86

831e3302ac3a42ad2d5e83905cc16b3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

SetTapeParameters
GetVersion
ClearCommError
Sleep
GetCurrentProcessId
InterlockedExchange
EnumResourceNamesA
GetLocalTime
GetWindowsDirectoryA
ExitProcess
FindClose
FindFirstFileA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

user32

IsWindow
GetSysColor
GetWindowLongA
LoadCursorA
MoveWindow
GetDC
ReleaseDC
GetWindowInfo
SetWindowLongA
ReleaseCapture
GetDlgItem
SetWindowPos
FillRect
SetCursor
SetCapture

gdi32

DeleteMetaFile
GetObjectA
CreateFontIndirectA
Rectangle
SetTextColor
DeleteDC
DeleteObject
CreateSolidBrush
SetBkMode
BitBlt
RestoreDC
TextOutA
SelectObject
GetDeviceCaps
EnumFontFamiliesExA
SaveDC
CreateRectRgn
CreateCompatibleDC
GetStockObject
GetTextExtentPoint32A
CreateCompatibleBitmap

advapi32

RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

831e3302ac3a42ad2d5e83905cc16b3a

Headers

File Characteristics

Imports

oleacc

version

kernel32

ole32

shell32

user32

gdi32

advapi32

winmm

Sections

.text Size: 154KB - Virtual size: 153KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 21KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 76KB

.text
Size: 154KB - Virtual size: 153KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 21KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 76KB