675789c3839fabb5a3ed6d7f33f8c160_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

675789c3839fabb5a3ed6d7f33f8c160_JaffaCakes118
Size

182KB
MD5

675789c3839fabb5a3ed6d7f33f8c160
SHA1

24b54b9fb2ff1db63eef6f2292869370f0e47db2
SHA256

28c404f3b207e3187032190fa025f9f513a3afa4dff1e3766dc787a397c059ef
SHA512

dd3950bd5e3b39f4d78a2fe74bc94790d527e717c6c049eadab7f2548a0e76572d7defdf22cdcc66796ceb2a7cb6f084fb2e2dcbda5d35f0fbd5bfd6991bcda1
SSDEEP

3072:sM9Jgkes77bVZur+i/fFPGfjpKTom+yYNTbyw/phvMvrg0V5JnxobvdxyU1AQF4:sMb7pZuK65GLYTojvbyw/phOrB9ODXAQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
675789c3839fabb5a3ed6d7f33f8c160_JaffaCakes118

Files

675789c3839fabb5a3ed6d7f33f8c160_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98ace2af199d9073a3cd73fa72499e69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CoInitialize

winmm

timeGetTime

avifil32

AVISaveOptions
AVIMakeCompressedStream

shell32

SHGetSpecialFolderPathA

shlwapi

PathAppendW
PathRemoveBackslashW
PathAddBackslashW
PathCombineW
PathFileExistsA
PathRenameExtensionW
PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecW

gdi32

SetBrushOrgEx
BitBlt
CreateDIBSection
SelectObject
CreateDCW
GetObjectType
GetDIBits
CreateCompatibleDC
StretchBlt
GetObjectW
CreateBitmap
DeleteObject
CreateSolidBrush
SetBkColor
DeleteDC
CreateCompatibleBitmap
SetStretchBltMode

user32

IsRectEmpty
GetClientRect
wsprintfW
GetDC
PeekMessageW
FillRect
SetRectEmpty
DispatchMessageW
CopyRect
OffsetRect
TranslateMessage
ReleaseDC
GetWindowRect

kernel32

InterlockedDecrement
InterlockedExchange
LeaveCriticalSection
GetTempFileNameA
FreeLibrary
InitializeCriticalSection
GetModuleFileNameA
GetLastError
WaitNamedPipeA
SetFilePointer
GetCurrentThreadId
MultiByteToWideChar
GetModuleFileNameW
MulDiv
OutputDebugStringW
GetProcessAffinityMask
lstrlenW
WriteFile
CreateDirectoryW
SetFileAttributesW
DeleteCriticalSection
GetTempPathW
ReleaseMutex
OutputDebugStringA
GetVersionExA
CreateMutexA
GetACP
WaitForSingleObject
SetFileAttributesA
EnumResourceTypesW
DeleteFileA
DeleteFileW
GetTickCount
LocalAlloc
FindClose
GetCurrentProcessId
GetSystemTime
CloseHandle
ExitProcess
GetVersionExW
lstrlenA
GetTempFileNameW
DisableThreadLibraryCalls
LocalFree
FindNextFileW
GetLocaleInfoA
GetProcAddress
EnterCriticalSection
LoadLibraryW
CreateDirectoryA
CopyFileA
QueryPerformanceCounter
WideCharToMultiByte
RemoveDirectoryW
CreateFileA
InterlockedIncrement
Sleep
GetFileAttributesA
GetThreadLocale
ReadFile
GetTempPathA
FindFirstFileW
GetSystemTimeAsFileTime

advapi32

RegCreateKeyW
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA
RegSetValueExW
RegSetValueW
RegQueryValueExW
RegCreateKeyExA
RegDeleteKeyW
RegDeleteKeyA

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98ace2af199d9073a3cd73fa72499e69

Headers

File Characteristics

Imports

ole32

winmm

avifil32

shell32

shlwapi

gdi32

user32

kernel32

advapi32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 73KB - Virtual size: 73KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 73KB - Virtual size: 73KB

.tls
Size: 1024B - Virtual size: 124KB