1943ae57f41f533ea7ada58e3a839412_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1943ae57f41f533ea7ada58e3a839412_JaffaCakes118
Size

358KB
MD5

1943ae57f41f533ea7ada58e3a839412
SHA1

ab0a5e859532b2016e93a18ba918be58eea9619f
SHA256

9526593c511813b31584bbe9bb9857c59d2a858969a1d30445907ed84ba02af2
SHA512

561722e06bac59720261ce2b8eb0e764326c7a8195eec4488ec9c545f71f56d1e79a0b488147a692f59efe658296c833740e6ca41e5ec422e32dce06c988dcf2
SSDEEP

6144:TPaFs96v3vlYLDDC1OFRMVYTw7KnM/JQEh95F3C+mkKcN06:eO96PvlIPEOvvlM/y0fxJKcq6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1943ae57f41f533ea7ada58e3a839412_JaffaCakes118

Files

1943ae57f41f533ea7ada58e3a839412_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4642384822e4dbb52759e63685b804a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamGetFrameOpen
AVIFileOpen
AVIMakeCompressedStream
AVISaveA
AVIFileInfo
AVIStreamFindSample
AVIStreamTimeToSample
AVIPutFileOnClipboard
AVIStreamInfoW
AVIStreamReadFormat
AVIFileCreateStreamA
AVIStreamSetFormat
AVIStreamOpenFromFileW
AVIStreamInfoA
AVIFileOpenA
EditStreamSetInfoW
CreateEditableStream
AVIStreamEndStreaming
AVISaveOptionsFree
AVIStreamWriteData
AVIFileExit
EditStreamSetNameW
AVIFileInit
AVIFileInfoW

crtdll

wcscspn
tan
clearerr
_cpumode_dll
_ftol
strcat
_ismbcl2
_CIcos
_fputwchar
_pctype_dll
_heapset
_popen
_mbctombb
ferror
_tzname
iswspace
ungetc
_isnan
_mbsupr
_ismbcl1
__toascii
iswcntrl
acos
_sopen

kernel32

BackupRead
DeactivateActCtx
FindFirstFileExA
HeapCreate
GetConsoleMode
GetThreadSelectorEntry
GetFileAttributesExW
GetCurrentThread
GetStartupInfoA
VirtualAlloc
GetWindowsDirectoryW
AddConsoleAliasA
WriteConsoleOutputCharacterA
GetDiskFreeSpaceExA
HeapFree
GetUserGeoID
IsProcessorFeaturePresent
MoveFileExA
PeekConsoleInputW
LoadLibraryA
FindActCtxSectionGuid
lstrcmpiW
GetVolumeInformationW
MoveFileWithProgressW
OpenFileMappingA
ExitProcess
ClearCommBreak
CreateJobObjectA
OutputDebugStringA

rasser

PortCompressionSetInfo
PortSend
PortReceiveComplete
PortGetStatistics
PortSetFraming
PortTestSignalState
PortGetInfo
PortEnum
PortGetPortState
PortInit
PortClearStatistics
PortConnect
PortClose
PortChangeCallback
PortSetINetCfg
PortOpen
PortDisconnect
PortReceive
PortSetInfo

Sections

.text
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4642384822e4dbb52759e63685b804a6

Headers

DLL Characteristics

File Characteristics

Imports

avifil32

crtdll

kernel32

rasser

Sections

.text Size: 345KB - Virtual size: 345KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 333KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 480B

.text
Size: 345KB - Virtual size: 345KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 333KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 480B