767fac510dcddd5aa76ded857842cac0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

767fac510dcddd5aa76ded857842cac0_JaffaCakes118
Size

194KB
MD5

767fac510dcddd5aa76ded857842cac0
SHA1

e21686d4add4b4b4e8b85c2a49f8339dd0eab8e3
SHA256

dca6d384ee5191d5f0f0a3748b5afb6105df46545bc893d6d2bc7f34d59f13c1
SHA512

242b950fe2f527947fb0185cd2498a30d608d57882b104f1135dfc508299547ca799a46afd6ad3897209c3c59d72392af1f9f2d093fa6b50511fab0748f63da5
SSDEEP

3072:WyXQZiPpWs/E9qKzzX+glzBhrj/drl43bxImLhhtcwZyuC/SgA2yJ:WkPjc9qKXXdtBxQGyywfC/a2yJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
767fac510dcddd5aa76ded857842cac0_JaffaCakes118

Files

767fac510dcddd5aa76ded857842cac0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d13ba86580a8d6f925f9a0254e60db9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetSystemTimeAsFileTime
WideCharToMultiByte
LeaveCriticalSection
GetLastError
FileTimeToLocalFileTime
GetCurrentProcessId
Sleep
WaitForMultipleObjectsEx
lstrlenA
GetModuleFileNameA
GlobalAlloc
SetEvent
lstrcpynW
FindCloseChangeNotification
GetModuleHandleW
FindFirstFileW
MultiByteToWideChar
GetVersionExW
GetProcessId
GetFullPathNameW
DeleteCriticalSection
QueryPerformanceCounter
EnterCriticalSection
FindNextChangeNotification
GetTickCount
EnumResourceTypesW
InterlockedIncrement
GetCurrentThreadId
CreateEventW
GlobalUnlock
FreeLibrary
GetACP
MulDiv
GlobalReAlloc
ExitProcess
WaitForSingleObject
GetThreadLocale
FindClose
GlobalLock
ResetEvent
DisableThreadLibraryCalls
FileTimeToSystemTime
InterlockedDecrement
InitializeCriticalSection
GetProcAddress
lstrlenW
CreateThread
InterlockedExchange
GetLocaleInfoA
FindFirstChangeNotificationW
GetDriveTypeW
GetVersionExA

ole32

CoFreeUnusedLibraries
StringFromGUID2
OleUninitialize
CoCreateInstance
OleInitialize
CoUninitialize
CoInitialize

avifil32

AVISaveOptions
AVIMakeCompressedStream

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetPathFromIDListW
DragQueryFileW
SHGetFileInfoW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegSetValueW
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW

user32

EnableWindow
ClientToScreen
UpdateWindow
SetCapture
GetDC
FindWindowExW
ReleaseDC
EqualRect
SetCursor
IsWindowVisible
DestroyMenu
SetForegroundWindow
FillRect
GetClientRect
wsprintfW
PtInRect
SetRectEmpty
IntersectRect
TrackPopupMenuEx
SetWindowLongW
GetSysColorBrush
GetWindowLongW
GetSystemMetrics
GetParent
InflateRect
OffsetRect
SetRect
ReleaseCapture
DrawTextW
GetDesktopWindow
CreatePopupMenu
LoadImageW
ShowScrollBar
GetSysColor
PostMessageW
ScreenToClient
SetFocus
DefWindowProcW
GetWindowRect
SendMessageW
FrameRect
DrawFocusRect
SetTimer
BringWindowToTop
LoadCursorW
IsRectEmpty
UnionRect
CopyRect
GetActiveWindow
GetCursorPos
KillTimer
IsWindow
InvalidateRect

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d13ba86580a8d6f925f9a0254e60db9c

Headers

File Characteristics

Imports

kernel32

ole32

avifil32

shell32

advapi32

user32

Sections

.text Size: 110KB - Virtual size: 109KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 79KB - Virtual size: 78KB

.tls Size: 1024B - Virtual size: 224KB

.text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 79KB - Virtual size: 78KB

.tls
Size: 1024B - Virtual size: 224KB