f3453a23b3eca80c9b23f431e18b1a6b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3453a23b3eca80c9b23f431e18b1a6b_JaffaCakes118
Size

170KB
MD5

f3453a23b3eca80c9b23f431e18b1a6b
SHA1

d9ba00e8c04f4778add792ae0bc3b4c30d90e265
SHA256

e5cbe603efea80df3e1b65a5962aecca6fde3708c097c7f103d907339407fc24
SHA512

02ca71e0da788200c82b1e609beec7b59513e7a76bfffff772d23d0a93006dbb3eb732ce8f3f46f9cc9484ac37306633b80cb7a0c43b5ee608c6c3de6b8832e7
SSDEEP

3072:JV+aAENaF+D7OCXyBKZME8+q9n32VIlU/0wLVrTilw2:q7EooOwXTm2upcUj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3453a23b3eca80c9b23f431e18b1a6b_JaffaCakes118

Files

f3453a23b3eca80c9b23f431e18b1a6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c0fbcadd51c1dc20f5caff25d198856

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA
PathFileExistsW
StrStrIW

kernel32

DeviceIoControl
DeleteFileA
ReleaseMutex
WaitForMultipleObjects
SetFilePointer
VirtualAlloc
QueryPerformanceCounter
CreateFileW
GetFileSize
GetSystemTimeAsFileTime
GetPriorityClass
GetSystemTime
LocalFree
GetFileAttributesA
GetModuleFileNameA
GetVersionExA
CreateDirectoryA
ReadFile
VirtualFree
GetTempPathA
GetModuleFileNameW
GetTickCount
LocalAlloc
EnumResourceTypesW
GlobalFree
CreateMutexA
WideCharToMultiByte
CreateFileA
GlobalLock
InitializeCriticalSection
GetTempFileNameA
Sleep
GetVolumeInformationA
ExitProcess
GlobalUnlock
DisableThreadLibraryCalls
GetCurrentProcessId
lstrlenA
WaitForSingleObject
InterlockedDecrement
SetFileAttributesA
MultiByteToWideChar
GetCurrentThreadId
CloseHandle
CopyFileA
GetLastError
InterlockedIncrement
DeleteCriticalSection
FreeLibrary

user32

RegisterClassA
InvalidateRect
FillRect
PostMessageA
GetDC
ReleaseDC
BringWindowToTop
GetDesktopWindow
AttachThreadInput
EqualRect
InflateRect
CopyRect
TranslateMessage
wsprintfA
SetRect
DispatchMessageA
SetParent
PeekMessageA
EnableWindow
IsWindow
GetClientRect
SendMessageA
DefWindowProcA
UnregisterClassA

avifil32

AVISaveOptions
AVIMakeCompressedStream

gdi32

CreateDCA
GetStockObject
DeleteObject
CreateCompatibleDC
PatBlt
CreateCompatibleBitmap
BitBlt
GetObjectA
CreateDIBSection
DeleteDC
SelectObject
StretchBlt
SetStretchBltMode
SetDIBits

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c0fbcadd51c1dc20f5caff25d198856

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

avifil32

gdi32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 252KB