683c9fc423554d30a096f4427f2683fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

683c9fc423554d30a096f4427f2683fb_JaffaCakes118
Size

172KB
MD5

683c9fc423554d30a096f4427f2683fb
SHA1

c095e6da993aaade911966147726be2b489d2f3c
SHA256

1a42edd3511e1478373678eca398ff64b8032e01769152ef2c90550e2f862b19
SHA512

82f685efd79254da1428c6a246d7374312e0a3ac11da66cc38eda0f75cab35339cf2026fd9de45bdd4da07084581108f3448510c3b939a9c90b4dce458a75e21
SSDEEP

3072:Px1pyUfu4r3Wg+B46mU8mg4nmK94rydZAVgl8fIk7kxOt8paj/:PxyUf99+W6r6ywuTk7kxOCpaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
683c9fc423554d30a096f4427f2683fb_JaffaCakes118

Files

683c9fc423554d30a096f4427f2683fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cecbedd47510f70f9e0620df440dcb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

shell32

SHGetMalloc
DragQueryFileW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoW

ole32

StringFromGUID2
OleInitialize
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
OleUninitialize
CoInitialize

advapi32

RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW

kernel32

InitializeCriticalSection
GetTickCount
DisableThreadLibraryCalls
ResetEvent
WaitForMultipleObjectsEx
DeleteCriticalSection
GetThreadLocale
FindFirstFileW
SetEvent
GetDriveTypeW
GetProcAddress
Sleep
GetProcessId
LeaveCriticalSection
GetModuleHandleW
GetACP
MultiByteToWideChar
FindCloseChangeNotification
GetVersionExW
GetFullPathNameW
WaitForSingleObject
GetModuleFileNameA
GetCurrentProcessId
CloseHandle
EnterCriticalSection
lstrcpynW
CreateEventW
FreeLibrary
QueryPerformanceCounter
GlobalLock
EnumResourceTypesW
MulDiv
GetLocaleInfoA
ExitProcess
CreateThread
GetLastError
GlobalAlloc
InterlockedDecrement
GlobalUnlock
lstrlenW
FindNextChangeNotification
WideCharToMultiByte
FindClose
GlobalReAlloc
GetCurrentThreadId
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstChangeNotificationW
GetSystemTimeAsFileTime
InterlockedExchange
lstrlenA
GetVersionExA

user32

SetRect
DefWindowProcW
SetCapture
LoadCursorW
ShowScrollBar
wsprintfW
ClientToScreen
IsWindow
ReleaseDC
InflateRect
SetFocus
SetCursor
FindWindowExW
SendMessageW
DrawFocusRect
IsWindowVisible
UpdateWindow
IntersectRect
PtInRect
GetSysColorBrush
OffsetRect
SetWindowLongW
GetSysColor
ReleaseCapture
GetWindowRect
LoadImageW
GetClientRect
GetActiveWindow
GetCursorPos
GetDC
KillTimer
PostMessageW
GetParent
GetWindowLongW
FrameRect
GetDesktopWindow
FillRect
UnionRect
IsRectEmpty
CreatePopupMenu
GetSystemMetrics
DestroyMenu
TrackPopupMenuEx
ScreenToClient
EnableWindow
SetRectEmpty
CopyRect
SetForegroundWindow
SetTimer
BringWindowToTop
EqualRect
DrawTextW
InvalidateRect

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cecbedd47510f70f9e0620df440dcb5

Headers

File Characteristics

Imports

avifil32

shell32

ole32

advapi32

kernel32

user32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 252KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 252KB