274442ff832fc49906cee21eaedd6e5a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

274442ff832fc49906cee21eaedd6e5a_JaffaCakes118
Size

182KB
MD5

274442ff832fc49906cee21eaedd6e5a
SHA1

6eb2a4bc43b37474ec5cbd09d236e11234243374
SHA256

1d872e6bfe30f50be785cc6ef61bae06c74a6b9a0399d971eab90a261912eb0b
SHA512

45e48d49e02b01bbfee0ba83a6d781866b8f474d7549d03c75267c2ec4a8f50b1dfb0a4f038683bfdd0e81f8fc34048c5a5b9b1c175529fa7a6af411025fbdfc
SSDEEP

3072:il5exzEbLHIL84ImNmRP03sP5LMbe/pkHDCSsTy350KKPNX3k3uYD/UfmlRn:kW4Uel03O/KjfsTyu3q9h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
274442ff832fc49906cee21eaedd6e5a_JaffaCakes118

Files

274442ff832fc49906cee21eaedd6e5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a8e1e1c786c66384731f712480777e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegCreateKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegSetValueW
RegDeleteKeyW

user32

SetForegroundWindow
CopyRect
GetDesktopWindow
GetParent
FindWindowExW
GetSysColor
SetWindowLongW
UpdateWindow
SetTimer
UnionRect
InflateRect
ReleaseDC
FillRect
IsWindowVisible
GetClientRect
IntersectRect
GetCursorPos
FrameRect
ShowScrollBar
SetFocus
GetSystemMetrics
SetRect
KillTimer
BringWindowToTop
ClientToScreen
IsWindow
GetWindowRect
TrackPopupMenuEx
DrawTextW
SetRectEmpty
CreatePopupMenu
LoadCursorW
DefWindowProcW
PostMessageW
GetSysColorBrush
EnableWindow
LoadImageW
PtInRect
GetDC
SendMessageW
ReleaseCapture
GetActiveWindow
wsprintfW
DrawFocusRect
SetCursor
SetCapture
IsRectEmpty
GetWindowLongW
EqualRect
OffsetRect
DestroyMenu
ScreenToClient
InvalidateRect

ole32

OleUninitialize
OleInitialize
CoUninitialize
CoCreateInstance
CoFreeUnusedLibraries
StringFromGUID2
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHGetDesktopFolder
DragQueryFileW
SHGetFileInfoW

kernel32

GetCurrentProcessId
LeaveCriticalSection
GetThreadLocale
ReplaceFileW
GetModuleFileNameA
GlobalReAlloc
DisableThreadLibraryCalls
GetTickCount
FindFirstChangeNotificationW
GetCurrentThreadId
GlobalUnlock
GetSystemTimeAsFileTime
MultiByteToWideChar
GetProcessId
lstrcpynW
GlobalAlloc
EnterCriticalSection
GetProcAddress
GetLastError
GetVersionExW
FindNextChangeNotification
lstrlenW
EnumResourceTypesA
MulDiv
FindFirstFileW
CreateThread
GlobalLock
GetFullPathNameW
FindClose
ResetEvent
lstrlenA
GetACP
FreeLibrary
FileTimeToLocalFileTime
FindCloseChangeNotification
Sleep
ExitProcess
CloseHandle
SetEvent
GetModuleHandleW
GetDriveTypeW
InterlockedExchange
FileTimeToSystemTime
QueryPerformanceCounter
CreateEventW
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
InterlockedIncrement
WideCharToMultiByte
GetLocaleInfoA
GetVersionExA

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a8e1e1c786c66384731f712480777e3

Headers

File Characteristics

Imports

advapi32

user32

ole32

avifil32

shell32

kernel32

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 124KB