71cb31cb924ac88baddb8c6765d05f58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71cb31cb924ac88baddb8c6765d05f58_JaffaCakes118
Size

193KB
MD5

71cb31cb924ac88baddb8c6765d05f58
SHA1

0ab6971c714763f2c8e461cdb141df1837c2647c
SHA256

fa306bdffcf1810cdc147220baecb131a64f9d23b05916ccbb94a25da6ff1d62
SHA512

bad2e317abffa0ceed5de9eceecf436504d3afef09682122c5d85bc4b993627517013abff8653cab1627743cd5ba1f8a5050600aa8472eb01f94c6a896a8ab35
SSDEEP

6144:Ghslwrwk5xGkeS0duCyR14HYty3opAht:GhsqrwmGkgYz4HYW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71cb31cb924ac88baddb8c6765d05f58_JaffaCakes118

Files

71cb31cb924ac88baddb8c6765d05f58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88bfbd68f4a3ac8bae0e08ab370a31e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

kernel32

SetEvent
FileTimeToSystemTime
EnterCriticalSection
FindClose
WaitForSingleObject
GetACP
GlobalLock
GetCurrentProcessId
ReplaceFileW
GetThreadLocale
CloseHandle
GetProcessId
GetVersionExW
GetModuleHandleW
GetDriveTypeW
FreeLibrary
GlobalReAlloc
InitializeCriticalSection
CreateThread
GetFullPathNameW
lstrlenW
Sleep
GlobalUnlock
GetLocaleInfoA
GetLastError
InterlockedDecrement
QueryPerformanceCounter
ResetEvent
MultiByteToWideChar
EnumResourceTypesA
FileTimeToLocalFileTime
FindFirstChangeNotificationW
GetModuleFileNameA
DisableThreadLibraryCalls
MulDiv
GetSystemTimeAsFileTime
FindNextChangeNotification
lstrlenA
LeaveCriticalSection
GlobalAlloc
ExitProcess
GetTickCount
lstrcpynW
FindFirstFileW
DeleteCriticalSection
GetProcAddress
FindCloseChangeNotification
WideCharToMultiByte
GetCurrentThreadId
InterlockedExchange
CreateEventW
InterlockedIncrement
GetVersionExA

ole32

StringFromGUID2
OleInitialize
CoCreateInstance
OleUninitialize
CoFreeUnusedLibraries
CoUninitialize
CoInitialize

advapi32

RegCreateKeyW
RegCloseKey
RegSetValueExW
RegSetValueW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW

user32

ScreenToClient
SetCursor
ReleaseDC
GetSysColorBrush
SetCapture
IsWindowVisible
EqualRect
KillTimer
GetSystemMetrics
IsRectEmpty
SetRect
SetRectEmpty
FindWindowExW
GetCursorPos
SetForegroundWindow
GetWindowRect
CopyRect
GetParent
InflateRect
PtInRect
SetWindowLongW
GetDesktopWindow
GetDC
FillRect
SetTimer
FrameRect
CreatePopupMenu
IsWindow
wsprintfW
DrawTextW
DefWindowProcW
TrackPopupMenuEx
ReleaseCapture
PostMessageW
SendMessageW
DrawFocusRect
IntersectRect
LoadImageW
BringWindowToTop
LoadCursorW
EnableWindow
DestroyMenu
OffsetRect
GetClientRect
UpdateWindow
GetActiveWindow
UnionRect
ShowScrollBar
GetWindowLongW
ClientToScreen
SetFocus
GetSysColor
InvalidateRect

shell32

SHGetDesktopFolder
SHGetMalloc
DragQueryFileW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88bfbd68f4a3ac8bae0e08ab370a31e9

Headers

File Characteristics

Imports

avifil32

kernel32

ole32

advapi32

user32

shell32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 79KB - Virtual size: 79KB

.tls Size: 1024B - Virtual size: 356KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 79KB - Virtual size: 79KB

.tls
Size: 1024B - Virtual size: 356KB