eccbe490fb41dc883626c85e7065dc0f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eccbe490fb41dc883626c85e7065dc0f_JaffaCakes118
Size

191KB
MD5

eccbe490fb41dc883626c85e7065dc0f
SHA1

d3f8275a4f69ccef789f0246a4d1ef8a896f9b50
SHA256

e9e9cb0a25c9b0577cd3349ab6687bd6246a57c8d4b59403fdb91fccad218d59
SHA512

99cb80c33e9f8992f8ef85a5b569ea498f4bf4cb4bdfc9d83b85c978fb9a6f945a57ab5cfa288e37e1ad88af934d20253ed3d3155c907a62b4961e70c0814639
SSDEEP

3072:ciZ4oyrL5lVlgWTRRAcWiNdyeUBhGNlXoXrbHG9KuPwhXnOzTWHY:c68rNlr7TRRB1+BhC2blX0TEY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eccbe490fb41dc883626c85e7065dc0f_JaffaCakes118

Files

eccbe490fb41dc883626c85e7065dc0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf094d424e2195a79c9175972808bd5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateToolbarEx

kernel32

QueryDosDeviceW
GetFileSize
CreateFileA
GlobalSize
SetFilePointer
WriteFile
GetProcessId
lstrlenA
CloseHandle
DisableThreadLibraryCalls
EnumResourceTypesA
LocalFree
ProcessIdToSessionId
UnmapViewOfFile
MapViewOfFile
ExitProcess
ReadFile
Sleep
GlobalAlloc
LocalAlloc
CreateFileMappingA
GlobalFree

gdi32

GetObjectA
CreateDIBSection
CombineRgn
CreateRectRgn
FillRgn
GetStockObject
SetDIBitsToDevice
StretchDIBits
SetDIBColorTable
CreateCompatibleDC
DeleteObject
SelectObject
BitBlt
DeleteDC
GetCurrentObject
SetStretchBltMode
StretchBlt

msvfw32

ICDecompress
ICOpen
ICSendMessage
ICClose

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

avifil32

AVIStreamGetFrameOpen
AVIStreamSetFormat
AVIStreamGetFrameClose
AVIStreamInfoA
AVIStreamWrite
AVIFileRelease
AVIStreamRelease
AVIFileCreateStreamA
AVIFileInit
AVISaveOptions
AVIFileOpenA
AVIStreamGetFrame
AVIFileGetStream
AVIMakeCompressedStream

user32

ScreenToClient
GetClassLongA
LoadIconA
CallWindowProcA
OffsetRect
CreateWindowExA
GetWindowLongA
ShowWindow
GetMessageA
wsprintfA
BeginPaint
TranslateMessage
InvalidateRect
MessageBoxA
SetWindowLongA
GetKeyState
ReleaseCapture
DefWindowProcA
SetFocus
IsWindow
EndPaint
wvsprintfA
DispatchMessageA
GetWindowRect
RegisterClassA
UpdateWindow
LoadCursorA
GetClientRect
MoveWindow
SubtractRect
PeekMessageA
SetCursor
SetWindowTextA
GetFocus
DestroyWindow
SendMessageA
SetCapture

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf094d424e2195a79c9175972808bd5f

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

msvfw32

avicap32

avifil32

user32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 78KB - Virtual size: 78KB

.tls Size: 1024B - Virtual size: 220KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 78KB - Virtual size: 78KB

.tls
Size: 1024B - Virtual size: 220KB