ae8cb84c59c8d159fc7b6f1c44e8a78b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ae8cb84c59c8d159fc7b6f1c44e8a78b_JaffaCakes118
Size

84KB
MD5

ae8cb84c59c8d159fc7b6f1c44e8a78b
SHA1

5b11174742c925fd796af8e6c81d852e1113b076
SHA256

3d641e73d6fa6977c25f01e332767bd808e84b5a4378bc1ab7f121094af66e79
SHA512

cb38136b3489dcb25e7b86a98cd9cc8317ad00975e31ef02552be7086910ff08cfa91a078405345c3e1921f33d9aeab9530e7c8b4c3683099ffe5d6f29c3b6e5
SSDEEP

1536:kRoOfV+ZVBRswbE73GoJw2wfxThQ1Mp7/TO8H/H+vOf55wTMm3f:soOfV+zB7qGdVRhQeprTOeHvC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae8cb84c59c8d159fc7b6f1c44e8a78b_JaffaCakes118

Files

ae8cb84c59c8d159fc7b6f1c44e8a78b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

446dc42dbe4c0c5873260a2fd3717a5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupCloseInfFile

user32

MessageBoxA

avifil32

AVIFileOpenW

ntdll

RtlUnwind

kernel32

lstrcpyA
GetStartupInfoA
WaitForMultipleObjects
LeaveCriticalSection
InterlockedIncrement
HeapCreate
LocalFree
GetModuleHandleA
WideCharToMultiByte
lstrcpynA
GetUserDefaultLCID
LoadLibraryW
RaiseException
InitializeCriticalSection
GetProcAddress
GetACP
OutputDebugStringA
DeleteCriticalSection
CreateEventA
InterlockedExchange
SetFilePointer
FormatMessageA
GetEnvironmentStringsW
DeleteFileA
FreeLibrary
CreateFileA
SetLastError
FreeEnvironmentStringsW
WriteFile
LCMapStringA
IsValidCodePage
VirtualProtect
GetLocaleInfoA
LocalAlloc
GetSystemInfo
EnterCriticalSection
CloseHandle
HeapFree
GetThreadLocale
ReleaseMutex
IsDBCSLeadByte
FlushFileBuffers
GetProcessHeap
VirtualFree
LoadLibraryA
GetLocaleInfoW
SetEvent
MultiByteToWideChar
GetWindowsDirectoryA
SetFileAttributesA
FreeEnvironmentStringsA
UnmapViewOfFile
VirtualAlloc
GetCurrentDirectoryW
GetStringTypeW
HeapDestroy
MapViewOfFile
GetEnvironmentStrings
EnumSystemLocalesA
GetOEMCP
WaitForSingleObject
GetModuleFileNameA
CreateMutexA
SetCurrentDirectoryW
SetStdHandle
HeapReAlloc
SetThreadLocale
GetCPInfo
GetStringTypeA
lstrlenA
VirtualQuery
LCMapStringW
IsValidLocale
GetLastError

activeds

FreeADsMem

Sections

.textbss
Size: - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

446dc42dbe4c0c5873260a2fd3717a5e

Headers

File Characteristics

Imports

setupapi

user32

avifil32

ntdll

kernel32

activeds

Sections

.textbss Size: - Virtual size: 448KB

.idata Size: 81KB - Virtual size: 81KB

.rdata Size: 512B - Virtual size: 4B

.text Size: 512B - Virtual size: 416B

.rsrc Size: 512B - Virtual size: 32B

.textbss
Size: - Virtual size: 448KB

.idata
Size: 81KB - Virtual size: 81KB

.rdata
Size: 512B - Virtual size: 4B

.text
Size: 512B - Virtual size: 416B

.rsrc
Size: 512B - Virtual size: 32B