JaffaCakes118_a898e3fa3c2223f50db5d5e8188cfcac

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_a898e3fa3c2223f50db5d5e8188cfcac
Size

190KB
MD5

a898e3fa3c2223f50db5d5e8188cfcac
SHA1

eda122796fd556240473fa4ea04e64242700664e
SHA256

4e8a25a81a35fd1db81abd379a3230301540fff1f7fb856199cb7be9a6733a75
SHA512

426c7ec7aa23f50a5670cb8b4fcd79b4bf63c8cd7a4e8ce105bfea67367834dd70f66f117085ad389e72dd0019db5099685e0e91ada4a4a8d2ea8944be32d09c
SSDEEP

3072:NRRbG0T2diTHlFzfVybKDT1wfbh2R/OQmcFSn8zfgYe4GBsdhVPrD4NcpSLk+GpI:NR/BDlFzvqNo2PcF7etsdhRHhkGSAC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a898e3fa3c2223f50db5d5e8188cfcac

Files

JaffaCakes118_a898e3fa3c2223f50db5d5e8188cfcac
.exe windows:4 windows x86 arch:x86

1ce37e01a8aafc1db8ca5c08ac963ff4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

user32

SetCursor
MoveWindow
SetWindowLongA
SetWindowPos
FillRect
GetDlgItem
GetDC
GetWindowInfo
IsWindow
LoadCursorA
ReleaseDC
GetSysColor
ReleaseCapture
GetWindowLongA
SetCapture

gdi32

GetStockObject
DeleteObject
RestoreDC
CreateRectRgn
EnumFontFamiliesExA
CreateFontIndirectA
BitBlt
SaveDC
CreateSolidBrush
TextOutA
SelectObject
Rectangle
DeleteMetaFile
GetTextExtentPoint32A
SetBkMode
SetTextColor
GetDeviceCaps
GetObjectA
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

SetTapePosition
GetCurrentProcessId
ClearCommError
InterlockedExchange
GetWindowsDirectoryA
GetLocalTime
GetVersion
EnumResourceNamesA
FatalExit
FindClose
Sleep
FindFirstFileA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegSetValueExA

ole32

CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ce37e01a8aafc1db8ca5c08ac963ff4

Headers

File Characteristics

Imports

version

user32

gdi32

shell32

winmm

oleacc

kernel32

advapi32

ole32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 23KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 356KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 23KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 356KB