48040036cac004c49771ff7bfdc12676_JaffaCakes118

General

Target

48040036cac004c49771ff7bfdc12676_JaffaCakes118
Size

128KB
MD5

48040036cac004c49771ff7bfdc12676
SHA1

46372b718ae030df3142ce6b712f747f929fe19d
SHA256

c4cb37b88e86f2a25c5df0505b5b3d78784fd4621c53f60bf1b332c1ddc42bfd
SHA512

d4fc1345a84bf9d562ba11e99bb89908fe3b79f768cd6f2d74e2df07d3397644b046e1add3162407539e5ef8048f264e2a325c9e14691f38241a4c396d87a43d
SSDEEP

3072:+VFa9SHBp98aq4G6AKxP3fL1Orhayv1Y:+HOSHh8aq4G0PzGFv1Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48040036cac004c49771ff7bfdc12676_JaffaCakes118

Files

48040036cac004c49771ff7bfdc12676_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be7cb76295804725386795725f3ff0fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Uki\Gepyl\Modyfa\Ocyfo\Mywe\Cibi.pdb

Imports

ole32

CoCreateInstance
CLSIDFromString
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

avifil32

AVIFileOpenW
AVIFileExit
AVIFileWriteData
AVIFileInit

oleacc

AccessibleObjectFromEvent
GetStateTextW

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTickCount
SetFilePointer
VirtualQuery
InterlockedExchange
RtlUnwind
CloseHandle
WriteFile
GetFileSize
CreateFileW
DeleteCriticalSection
SetTapePosition
LocalFree
LocalAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
Sleep
LockFile
UnlockFile
GetLastError
GetFileType
GetVersionExA
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
SetEndOfFile
ReadFile
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
LoadLibraryA
VirtualAlloc
IsBadWritePtr

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be7cb76295804725386795725f3ff0fc

Headers

File Characteristics

PDB Paths

Imports

ole32

avifil32

oleacc

kernel32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 40KB - Virtual size: 482KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 40KB - Virtual size: 482KB