b8be94eb7b9aa8b468051af5879bdf27_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b8be94eb7b9aa8b468051af5879bdf27_JaffaCakes118
Size

166KB
MD5

b8be94eb7b9aa8b468051af5879bdf27
SHA1

f178d4b7c6759606b8ea2425866145c9a1aaa657
SHA256

2d0631885a6107a4e4d3043a4510a792c8dffd44d694d391fbd6b16ba6c9f4d9
SHA512

0ce8fc5e04af94bcf1273be9970fcf5c73a1537440d6a2941629af837b149e7c1373f66d840b58e4dbdf40c969e85e4d7126d6bf28bf7b917877acf675230328
SSDEEP

3072:jtGqRRuT30UGeSgItLM3oNG2+o78g8ze8grXqz8mIMAJDYlIyYBoXFBkm:QqRRuT30HtAYNv9Yg8zdz8mcJD+IFBoZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8be94eb7b9aa8b468051af5879bdf27_JaffaCakes118

Files

b8be94eb7b9aa8b468051af5879bdf27_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5c5fc842aba4af091403e864dd902ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVISaveOptions
AVIMakeCompressedStream

advapi32

RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegDeleteKeyW
RegSetValueW
RegCreateKeyW
RegEnumKeyExW
RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA

gdi32

SelectObject
CreateBitmap
GetDIBits
GetObjectType
DeleteDC
StretchBlt
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
CreateSolidBrush
SetBrushOrgEx
BitBlt
CreateDCW
CreateDIBSection
SetBkColor
DeleteObject
SetStretchBltMode

kernel32

CopyFileA
ReleaseMutex
GetTempPathW
GetSystemTime
DeleteFileW
WaitForMultipleObjects
LoadLibraryW
QueryPerformanceCounter
lstrlenW
GetLocaleInfoA
InterlockedExchange
SetFilePointer
GetTempFileNameA
CreateDirectoryW
FindFirstFileW
CreateFileA
GetModuleFileNameW
GetFileAttributesA
Sleep
InterlockedIncrement
GetProcessPriorityBoost
FindNextFileW
WriteFile
DeleteCriticalSection
GetACP
SetFileAttributesW
EnumResourceTypesW
DisableThreadLibraryCalls
GetTickCount
CreateMutexA
GetThreadLocale
InterlockedDecrement
GetTempPathA
OutputDebugStringA
CloseHandle
MultiByteToWideChar
GetVersionExA
MulDiv
ExitProcess
GetCurrentProcessId
GetTempFileNameW
ReadFile
FindClose
LeaveCriticalSection
WaitForSingleObject
lstrlenA
CreateDirectoryA
InitializeCriticalSection
RemoveDirectoryW
LocalAlloc
GetModuleFileNameA
WideCharToMultiByte
GetVersionExW
EnterCriticalSection
LocalFree
GetCurrentThreadId
GetProcAddress
SetFileAttributesA
OutputDebugStringW
FreeLibrary
DeleteFileA
GetLastError
GetSystemTimeAsFileTime

shell32

SHGetSpecialFolderPathA

shlwapi

PathRenameExtensionW
PathFileExistsA
PathAddBackslashW
PathRemoveBackslashW
PathIsDirectoryW
PathFileExistsW
PathCombineW
PathAppendW
PathRemoveFileSpecW

user32

TranslateMessage
CopyRect
OffsetRect
SetRectEmpty
GetClientRect
IsRectEmpty
ReleaseDC
GetDC
DispatchMessageW
wsprintfW
FillRect
PeekMessageW
GetWindowRect

winmm

timeGetTime

ole32

CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries
CoUninitialize
CoInitialize

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5c5fc842aba4af091403e864dd902ad

Headers

File Characteristics

Imports

avifil32

advapi32

gdi32

kernel32

shell32

shlwapi

user32

winmm

ole32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 100KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 100KB