21718da46712ea198b2a94008bccb7ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21718da46712ea198b2a94008bccb7ce_JaffaCakes118
Size

163KB
MD5

21718da46712ea198b2a94008bccb7ce
SHA1

03d9c3f7eb911d7f452340b22f9b142b812bb9a0
SHA256

4909022a6a40b813fcc01d29c756c9c4ef83f391562ce097ca33cd2873cd4049
SHA512

294fab06006c73ba03c80ae00eee3c4d5e1525b28e8502bc15c3ec88302eaf63df6dec38692f20008f1eda3c6c05aa438552a94622f0c857b5a3f78f0dace068
SSDEEP

3072:ORlbYdqU27llhYnKbcXEGyVnK0zeVrF7CSZAhne5BdGXS:UNeRKwsQdkSZAhne5BdGXS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21718da46712ea198b2a94008bccb7ce_JaffaCakes118

Files

21718da46712ea198b2a94008bccb7ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f39d29b6059ca5758f5f510b1686480

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
LocalAlloc
QueryDosDeviceW
LocalFree
GetProcessId
SetFilePointer
CreateFileMappingA
Sleep
GetFileSize
GlobalSize
WriteFile
CreateFileA
EnumResourceTypesA
ProcessIdToSessionId
UnmapViewOfFile
MapViewOfFile
ExitProcess
GlobalAlloc
ReadFile
CloseHandle
DisableThreadLibraryCalls
GlobalFree

avifil32

AVIStreamGetFrameClose
AVIStreamRelease
AVIStreamInfoA
AVIFileGetStream
AVIStreamGetFrameOpen
AVISaveOptions
AVIStreamGetFrame
AVIFileRelease
AVIFileInit
AVIStreamSetFormat
AVIFileCreateStreamA
AVIFileOpenA
AVIStreamWrite
AVIMakeCompressedStream

comctl32

CreateToolbarEx

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

ICDecompress
ICOpen
ICSendMessage
ICClose

gdi32

CombineRgn
CreateRectRgn
SetDIBitsToDevice
StretchDIBits
FillRgn
DeleteObject
SetStretchBltMode
GetObjectA
DeleteDC
GetStockObject
SelectObject
SetDIBColorTable
CreateCompatibleDC
GetCurrentObject
CreateDIBSection
BitBlt
StretchBlt

user32

SubtractRect
InvalidateRect
CreateWindowExA
LoadCursorA
ReleaseCapture
SetCursor
TranslateMessage
SetWindowLongA
RegisterClassA
IsWindow
GetWindowRect
EndPaint
CallWindowProcA
UpdateWindow
LoadIconA
DestroyWindow
SendMessageA
DefWindowProcA
wvsprintfA
GetKeyState
ShowWindow
MoveWindow
BeginPaint
GetWindowLongA
SetFocus
SetWindowTextA
OffsetRect
ScreenToClient
MessageBoxA
wsprintfA
GetFocus
GetMessageA
GetClientRect
PeekMessageA
DispatchMessageA
GetClassLongA
SetCapture

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f39d29b6059ca5758f5f510b1686480

Headers

File Characteristics

Imports

kernel32

avifil32

comctl32

avicap32

msvfw32

gdi32

user32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 62KB - Virtual size: 62KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 62KB - Virtual size: 62KB

.tls
Size: 1024B - Virtual size: 96KB