1837b17098fbe554359ab5a8477c2721_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

1837b17098fbe554359ab5a8477c2721_JaffaCakes118
Size

700KB
MD5

1837b17098fbe554359ab5a8477c2721
SHA1

0d0da346743444fa43d16a6a88efeaf1e36dcf69
SHA256

3a2689a4a4a96435e7c3fad2d01d7df6b69ae70dfbc5394b63455cd17a8d9de7
SHA512

2170531f50b3bbaa691770adc7066e056520caf295a32c37fafeba929ba71dc6ea97bc241d3835c5826ee4cb91fe01d2f6cffabfaa5babf171afbb4975139de5
SSDEEP

12288:k5YacHrEqPxy0zQWStwir0vGpHO7wEFzFduQX4WqFXTBY3amvMEr8d:kavHrEsxycSthrwgH9EFT4WqFXTBikE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1837b17098fbe554359ab5a8477c2721_JaffaCakes118

Files

1837b17098fbe554359ab5a8477c2721_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd9c264331e2a2d97172c7e9be88c820

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

avifil32

AVIFileInfoA

winmm

mmioOpenA
mmioAscend
waveInOpen
mmioClose

user32

CharNextW
CopyImage
CheckDlgButton
CharPrevA
CheckMenuRadioItem
DefMDIChildProcA
DdeFreeStringHandle
DispatchMessageW
DdeDisconnect
DestroyCaret
GetFocus
CopyRect
EnumWindows
GetClientRect
GetKeyboardLayout
LoadMenuW
DrawEdge
GetClassInfoA
GetKeyboardLayoutList
GetWindow
GetWindowThreadProcessId
GetIconInfo
GetMenuItemInfoA
GetKeyNameTextA
IsDlgButtonChecked
GetDlgItemTextW
InsertMenuA
GetMenuItemCount
IsWindowVisible
ScreenToClient
PostQuitMessage
KillTimer
SetScrollPos
LoadStringA
GetQueueStatus
SystemParametersInfoA
SendMessageTimeoutA
SetKeyboardState
ShowCaret
RedrawWindow
InsertMenuItemA
MessageBoxA
UnregisterHotKey
RegisterClassA
wsprintfA
ScrollDC
SetFocus

imm32

ImmGetCompositionStringA
ImmSetCompositionWindow
ImmSetCompositionFontA
ImmGetCompositionStringW

msvfw32

MCIWndCreateA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 684KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2.8MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 56B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd9c264331e2a2d97172c7e9be88c820

Headers

File Characteristics

Imports

avifil32

winmm

user32

imm32

msvfw32

version

Sections

.text Size: 684KB - Virtual size: 684KB

.itext Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 2.8MB

.idata Size: 2KB - Virtual size: 1KB

.tls Size: - Virtual size: 56B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 512B - Virtual size: 512B

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 684KB - Virtual size: 684KB

.itext
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 2.8MB

.idata
Size: 2KB - Virtual size: 1KB

.tls
Size: - Virtual size: 56B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 512B

.rsrc
Size: 5KB - Virtual size: 5KB