441549ac9429948218737d833c33cd41_JaffaCakes118

General

Target

441549ac9429948218737d833c33cd41_JaffaCakes118
Size

181KB
MD5

441549ac9429948218737d833c33cd41
SHA1

c973c618826dc8017289e3c47db62a0f01824f08
SHA256

798ea17c31c98209e12fda9c7ffe91d0d46d43bd8062a16db27cb5eceaffbc09
SHA512

6645be87879e3fc6b8b76be5cf468d5db52fd80dd1c5a77917dee53fa26897604ebba8e36555f7188ae0799e884597a6f8464740961e3f055e8e518b4577524b
SSDEEP

3072:xshifHNs0jsCcPjbkIY7/jXUhQcq0V3u7iRh2MNQpAEcI44R+aoYc3SZ81kFMy:x5fiEsVbFY7b2P3pycTfZ3SZ8GFMy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
441549ac9429948218737d833c33cd41_JaffaCakes118

Files

441549ac9429948218737d833c33cd41_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f76919cbf699b92ff023833bfd05f7eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

user32

SetRectEmpty
TranslateMessage
PeekMessageW
FillRect
CopyRect
GetDC
ReleaseDC
GetClientRect
DispatchMessageW
IsRectEmpty
wsprintfW
OffsetRect
GetWindowRect

kernel32

LocalFree
GetProcAddress
GetSystemTime
FindNextFileW
InterlockedExchange
InterlockedDecrement
FindClose
OutputDebugStringA
GetTickCount
LoadLibraryW
GetShortPathNameA
MulDiv
WaitForSingleObject
InterlockedIncrement
GetCurrentThreadId
SetFileAttributesA
DisableThreadLibraryCalls
GetProcessAffinityMask
CreateFileA
InitializeCriticalSection
CreateDirectoryW
DeleteFileW
ReleaseMutex
lstrlenW
GetLocaleInfoA
CreateMutexA
LocalAlloc
DeleteFileA
SetFilePointer
GetVersionExW
GetCurrentProcessId
CloseHandle
QueryPerformanceCounter
CreateDirectoryA
EnumResourceTypesW
OutputDebugStringW
GetModuleFileNameA
DeleteCriticalSection
FindFirstFileW
WriteFile
GetTempFileNameA
GetVersionExA
LeaveCriticalSection
GetTempPathW
FreeLibrary
GetFileAttributesA
GetModuleFileNameW
MultiByteToWideChar
GetTempFileNameW
TerminateProcess
GetACP
SetFileAttributesW
lstrlenA
GetLastError
CopyFileA
GetTempPathA
WideCharToMultiByte
EnterCriticalSection
Sleep
GetThreadLocale
ReadFile
RemoveDirectoryW
GetSystemTimeAsFileTime

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f76919cbf699b92ff023833bfd05f7eb

Headers

File Characteristics

Imports

winmm

avifil32

user32

kernel32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 75KB - Virtual size: 74KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 75KB - Virtual size: 74KB

.tls
Size: 1024B - Virtual size: 124KB