5adbc357e27a08c54d94b45ff73c1b16_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5adbc357e27a08c54d94b45ff73c1b16_JaffaCakes118
Size

175KB
MD5

5adbc357e27a08c54d94b45ff73c1b16
SHA1

92431d8684523e6ddaae04bb06bd27364e331b40
SHA256

44d3acf909ccefd85218494b70b1f86545d0c4429762bb21c8f9bbc90ac51425
SHA512

642f35ecd8eb8c849f493b1a376fde2161d27437951c9e2d175e83b5149340e6d18adcb3fb4b66ea364c5fdb1be32a196d18c25523e306501ce70701d62e5dce
SSDEEP

3072:Ay7xwWdfhKQQmhZ2A8XUQS27RoM+2kCxpmK7qj8Be5d:Ay7lImTh8A2FoM+Cx8KmIBeL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5adbc357e27a08c54d94b45ff73c1b16_JaffaCakes118

Files

5adbc357e27a08c54d94b45ff73c1b16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34515f972bfd676c196f1dedc63eb4c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjectsEx
InterlockedExchange
InitializeCriticalSection
FindFirstChangeNotificationW
lstrlenA
FileTimeToSystemTime
GetFullPathNameW
SetEvent
FreeLibrary
GetLocaleInfoA
CreateEventW
InterlockedIncrement
QueryPerformanceCounter
CloseHandle
FindCloseChangeNotification
WaitForSingleObject
MulDiv
GetModuleFileNameA
GetProcessId
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
LeaveCriticalSection
FindFirstFileW
GetACP
GetModuleHandleW
GetThreadLocale
GetCurrentThreadId
FindNextChangeNotification
GetLastError
GlobalReAlloc
GlobalLock
EnumResourceTypesW
GlobalAlloc
lstrcpynW
WideCharToMultiByte
ExitProcess
lstrlenW
DisableThreadLibraryCalls
ResetEvent
MultiByteToWideChar
FindClose
GetCurrentProcessId
DeleteCriticalSection
GetDriveTypeW
GlobalUnlock
GetProcAddress
CreateThread
GetVersionExW
EnterCriticalSection
GetTickCount
InterlockedDecrement
Sleep
GetVersionExA

ole32

OleInitialize
StringFromGUID2
CoUninitialize
OleUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

advapi32

RegSetValueW
RegSetValueExW
RegCreateKeyW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW

shell32

SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW

user32

ShowScrollBar
BringWindowToTop
UpdateWindow
LoadImageW
GetSysColorBrush
FillRect
CopyRect
SetRectEmpty
UnionRect
SetFocus
wsprintfW
SetWindowLongW
FindWindowExW
GetSysColor
SetCursor
FrameRect
GetActiveWindow
DefWindowProcW
IsRectEmpty
OffsetRect
GetDC
CreatePopupMenu
DrawFocusRect
DrawTextW
InflateRect
GetSystemMetrics
DestroyMenu
GetDesktopWindow
ReleaseCapture
IsWindowVisible
GetCursorPos
GetWindowLongW
ScreenToClient
GetParent
ReleaseDC
EnableWindow
IsWindow
PtInRect
GetClientRect
SetRect
SetCapture
LoadCursorW
SendMessageW
IntersectRect
ClientToScreen
SetForegroundWindow
GetWindowRect
PostMessageW
SetTimer
TrackPopupMenuEx
EqualRect
KillTimer
InvalidateRect

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34515f972bfd676c196f1dedc63eb4c3

Headers

File Characteristics

Imports

kernel32

ole32

avifil32

advapi32

shell32

user32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 70KB - Virtual size: 69KB

.tls Size: 1024B - Virtual size: 380KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 70KB - Virtual size: 69KB

.tls
Size: 1024B - Virtual size: 380KB